Description

In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutex_init() location Syzbot reported, that mxl111sf_ctrl_msg() uses uninitialized mutex. The problem was in wrong mutex_init() location. Previous mutex_init(&state->msg_lock) call was in ->init() function, but dvb_usbv2_init() has this order of calls: dvb_usbv2_init() dvb_usbv2_adapter_init() dvb_usbv2_adapter_frontend_init() props->frontend_attach() props->init() Since mxl111sf_* devices call mxl111sf_ctrl_msg() in ->frontend_attach() internally we need to initialize state->msg_lock before frontend_attach(). To achieve it, ->probe() call added to all mxl111sf_* devices, which will simply initiaize mutex.

INFO

Published Date :

2024-06-19T14:53:49.459Z

Last Modified :

2025-05-04T07:14:08.977Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2021-47583 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2021-47583.

URL Resource
https://git.kernel.org/stable/c/44870a9e7a3c24acbb3f888b2a7cc22c9bdf7e7f cve-icon cve-icon
https://git.kernel.org/stable/c/4b2d9600b31f9ba7adbc9f3c54a068615d27b390 cve-icon cve-icon
https://git.kernel.org/stable/c/8c6fdf62bfe1bc72bfceeaf832ef7499c7ed09ba cve-icon cve-icon
https://git.kernel.org/stable/c/96f182c9f48b984447741f054ec301fdc8517035 cve-icon cve-icon
https://git.kernel.org/stable/c/b99bdf127af91d53919e96292c05f737c45ea59a cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024061916-CVE-2021-47583-b02c@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2021-47583 cve-icon
https://www.cve.org/CVERecord?id=CVE-2021-47583 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact