---

CVE-2021-37159 - log back

CVE-2021-37159 edited at 28 Jul 2021 18:29:29
Description	- hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. + hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel before version 5.13.6 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
References	https://www.spinics.net/lists/linux-usb/msg202228.html + https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.13.6&id=eeaa4b8d1e2e6f10362673d283a97dccc7275afa + https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.54&id=115e4f5b64ae8d9dd933167cafe2070aaac45849

CVE-2021-37159 edited at 21 Jul 2021 16:10:25
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Arbitrary code execution
Description	+ hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
References	+ https://www.spinics.net/lists/linux-usb/msg202228.html

CVE-2021-37159 created at 21 Jul 2021 16:09:13
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes