CVE - CVE-2021-47048

CVE-ID
CVE-2021-47048	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: fix use-after-free in zynqmp_qspi_exec_op When handling op->addr, it is using the buffer "tmpbuf" which has been freed. This will trigger a use-after-free KASAN warning. Let's use temporary variables to store op->addr.val and op->cmd.opcode to fix this issue.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/1231279389b5e638bc3b66b9741c94077aed4b5a URL:https://git.kernel.org/stable/c/1231279389b5e638bc3b66b9741c94077aed4b5a MISC:https://git.kernel.org/stable/c/23269ac9f123eca3aea7682d3345c02e71ed696c URL:https://git.kernel.org/stable/c/23269ac9f123eca3aea7682d3345c02e71ed696c MISC:https://git.kernel.org/stable/c/a2c5bedb2d55dd27c642c7b9fb6886d7ad7bdb58 URL:https://git.kernel.org/stable/c/a2c5bedb2d55dd27c642c7b9fb6886d7ad7bdb58 MISC:https://git.kernel.org/stable/c/d67e0d6bd92ebbb0294e7062bbf5cdc773764e62 URL:https://git.kernel.org/stable/c/d67e0d6bd92ebbb0294e7062bbf5cdc773764e62
Assigning CNA
kernel.org
Date Record Created
20240227	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240227)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)