Early Access — Mondoo Vulnerability Intelligence is currently in preview.
In the Linux kernel, the following vulnerability has been resolved:
iio: mma8452: Fix trigger reference couting
The mma8452 driver directly assigns a trigger to the struct iio_dev. The
IIO core when done using this trigger will call iio_trigger_put() to drop
the reference count by 1.
Without the matching iio_trigger_get() in the driver the reference count
can reach 0 too early, the trigger gets freed while still in use and a
use-after-free occurs.
Fix this by getting a reference to the trigger before assigning it to the IIO device.
Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:HI:HA:H7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H