Improper error handling in Linux kernel - CVE-2021-46962
Published: June 3, 2024 / Updated: May 13, 2025
Vulnerability identifier: #VU90963
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-46962
CWE-ID: CWE-388
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the uniphier_sd_remove() function in drivers/mmc/host/uniphier-sd.c. A local user can perform a denial of service (DoS) attack.
How to mitigate CVE-2021-46962
Install update from vendor's website.
Sources
- https://git.kernel.org/stable/c/0d8941b9b2d3e7b3481fdf43b1a6189d162175b7
- https://git.kernel.org/stable/c/25ac6ce65f1ab458982d15ec1caf441acd37106a
- https://git.kernel.org/stable/c/ebe0f12cf4c044f812c6d17011531582f9ac8bb3
- https://git.kernel.org/stable/c/d6e7fda496978f2763413b5523557b38dc2bf6c2
- https://git.kernel.org/stable/c/e29c84857e2d51aa017ce04284b962742fb97d9e
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.36
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.20
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.3
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.118