{"id":"CVE-2021-47500","details":"In the Linux kernel, the following vulnerability has been resolved:\n\niio: mma8452: Fix trigger reference couting\n\nThe mma8452 driver directly assigns a trigger to the struct iio_dev. The\nIIO core when done using this trigger will call `iio_trigger_put()` to drop\nthe reference count by 1.\n\nWithout the matching `iio_trigger_get()` in the driver the reference count\ncan reach 0 too early, the trigger gets freed while still in use and a\nuse-after-free occurs.\n\nFix this by getting a reference to the trigger before assigning it to the\nIIO device.","modified":"2026-03-13T05:16:32.703297Z","published":"2024-05-24T15:15:09.900Z","related":["SUSE-SU-2024:1979-1","SUSE-SU-2024:1983-1","SUSE-SU-2024:2008-1","SUSE-SU-2024:2010-1","SUSE-SU-2024:2011-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2183-1","SUSE-SU-2024:2184-1","SUSE-SU-2024:2185-1","SUSE-SU-2024:2189-1","SUSE-SU-2024:2190-1","SUSE-SU-2025:01995-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/f5deab10ced368c807866283f8b79144c4823be8"},{"type":"FIX","url":"https://git.kernel.org/stable/c/fb75cc4740d81264cd5bcb0e17d961d018a8be96"},{"type":"FIX","url":"https://git.kernel.org/stable/c/094d513b78b1714113bc016684b8142382e071ba"},{"type":"FIX","url":"https://git.kernel.org/stable/c/794c0898f6bf39a458655d5fb4af70ec43a5cfcb"},{"type":"FIX","url":"https://git.kernel.org/stable/c/acf0088ac073ca6e7f4cad6acac112177e08df5e"},{"type":"FIX","url":"https://git.kernel.org/stable/c/c43517071dfc9fce34f8f69dbb98a86017f6b739"},{"type":"FIX","url":"https://git.kernel.org/stable/c/cd0082235783f814241a1c9483fb89e405f4f892"},{"type":"FIX","url":"https://git.kernel.org/stable/c/db12d95085367de8b0223929d1332731024441f1"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"4.2"},{"fixed":"4.4.295"}]},{"events":[{"introduced":"4.5"},{"fixed":"4.9.293"}]},{"events":[{"introduced":"4.10"},{"fixed":"4.14.258"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.221"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.165"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.85"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.15.8"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc4"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47500.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}