CVE-2021-47087
tee: optee: Fix incorrect page free bug
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
04 Mar 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
tee: optee: Fix incorrect page free bug
Pointer to the allocated pages (struct page *page) has already
progressed towards the end of allocation. It is incorrect to perform
__free_pages(page, order) using this pointer as we would free any
arbitrary pages. Fix this by stop modifying the page pointer.
Affected products
Linux · Linux