Vulnerability Details : CVE-2021-47437
In the Linux kernel, the following vulnerability has been resolved:
iio: adis16475: fix deadlock on frequency set
With commit 39c024b51b560
("iio: adis16475: improve sync scale mode handling"), two deadlocks were
introduced:
1) The call to 'adis_write_reg_16()' was not changed to it's unlocked
version.
2) The lock was not being released on the success path of the function.
This change fixes both these issues.
Products affected by CVE-2021-47437
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.15:rc5:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-47437
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 7 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-47437
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST | 2025-01-10 |
CWE ids for CVE-2021-47437
-
The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-47437
-
https://git.kernel.org/stable/c/04e03b907022ebd876f422f17efcc2c6cc934dc6
iio: adis16475: fix deadlock on frequency set - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/9da1b86865ab4376408c58cd9fec332c8bdb5c73
iio: adis16475: fix deadlock on frequency set - kernel/git/stable/linux.git - Linux kernel stable treePatch
Jump to