VYPR
High severity7.7NVD Advisory· Published May 21, 2024· Updated Jun 17, 2026

CVE-2021-47356

CVE-2021-47356

Description

In the Linux kernel, the following vulnerability has been resolved:

mISDN: fix possible use-after-free in HFC_cleanup()

This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the driver's remove function has finished, which would result in a use-after-free.

Fix by calling del_timer_sync(), which makes sure the timer handler has finished, and unable to re-schedule itself.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

128

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.