{"id":"CVE-2021-47048","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-zynqmp-gqspi: fix use-after-free in zynqmp_qspi_exec_op\n\nWhen handling op-\u003eaddr, it is using the buffer \"tmpbuf\" which has been\nfreed. This will trigger a use-after-free KASAN warning. Let's use\ntemporary variables to store op-\u003eaddr.val and op-\u003ecmd.opcode to fix\nthis issue.","modified":"2026-03-13T05:20:32.278027Z","published":"2024-02-28T09:15:40.370Z","references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/1231279389b5e638bc3b66b9741c94077aed4b5a"},{"type":"FIX","url":"https://git.kernel.org/stable/c/23269ac9f123eca3aea7682d3345c02e71ed696c"},{"type":"FIX","url":"https://git.kernel.org/stable/c/a2c5bedb2d55dd27c642c7b9fb6886d7ad7bdb58"},{"type":"FIX","url":"https://git.kernel.org/stable/c/d67e0d6bd92ebbb0294e7062bbf5cdc773764e62"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"5.10"},{"fixed":"5.10.37"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.11.21"}]},{"events":[{"introduced":"5.12"},{"fixed":"5.12.4"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47048.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}