CVE-2021-47372: 
Linux Kernel vulnerability analysis and mitigation

CVE-2021-47372 is a use-after-free vulnerability discovered in the Linux kernel's network driver component, specifically in the MACB (Microchip/Atmel MAC-Bus) PCI driver. The vulnerability was identified and resolved in 2021, affecting multiple versions of the Linux kernel up to versions 4.14.249, 4.19.209, 5.4.150, 5.10.70, and 5.14.9 (NVD).

The vulnerability occurs in the macbremove function of the MACB PCI driver when unregistering the platform device. The issue arises because platdev->dev->platformdata is released by platformdevice_unregister(), but the subsequent use of pclk and hclk results in a use-after-free condition. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The use-after-free vulnerability could potentially lead to memory corruption, system crashes, or privilege escalation in affected Linux systems. The high CVSS score indicates that successful exploitation could result in complete compromise of system confidentiality, integrity, and availability (NVD).

The vulnerability has been fixed by adjusting the function call sequence in the macbremove function. The fix involves moving the platformdeviceunregister(platdev) call after the clk_unregister calls for pclk and hclk, as device unregistration doesn't require the clock device (Kernel Patch).