We found results for “”
CVE-2021-46932
Good to know:
Date: February 27, 2024
In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may happen, since input_dev->close() calls cancel_work_sync(&dev->work), but dev->work initalization happens _after_ input_register_device() call. So this patch moves dev->work initialization before registering input device
Language: C
Severity Score
Related Resources (10)
Severity Score
Weakness Type (CWE)
Improper Initialization
CWE-665Top Fix
Upgrade Version
Upgrade to version v4.4.298,v4.9.296,v4.14.261,v4.19.224,v5.4.170,v5.10.90,v5.15.13
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | HIGH |