CVE-2021-47294

Summary

In the Linux kernel, the following vulnerability has been resolved:

netrom: Decrease sock refcount when sock timers expire

Commit 63346650c1a9 ("netrom: switch to sock timer API") switched to use sock timer API. It replaces mod_timer() by sk_reset_timer(), and del_timer() by sk_stop_timer().

Function sk_reset_timer() will increase the refcount of sock if it is called on an inactive timer, hence, in case the timer expires, we need to decrease the refcount ourselves in the handler, otherwise, the sock refcount will be unbalanced and the sock will never be freed.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxce29e8a259de767f7210d346ad2b031cb8ab2732 < 853262355518cd1247515b74e83fabf038aa6c29affected
LinuxLinuxbaa9e32336bf6d0d74a7c3486d2a27feaf57cd5f < a01634bf91f2b6c42583770eb6815fb6d1e251cfaffected
LinuxLinux0adf571fa34b27bd0b97b408cc0f0dc54b72f0eb < 48866fd5c361ea417ed24b43fc2a7dc2f5b060efaffected
LinuxLinux2c6b572458a9127e8070df13fa7f115c29ab1d92 < 9619cc7d97c3aa8ed3cfd2b8678b74fb6d6c7950affected
LinuxLinux63346650c1a94a92be61a57416ac88c0a47c4327 < 25df44e90ff5959b5c24ad361b648504a7e39ef3affected
LinuxLinux63346650c1a94a92be61a57416ac88c0a47c4327 < 6811744bd0efb9e472cb15d066cdb460beb8cb8aaffected
LinuxLinux63346650c1a94a92be61a57416ac88c0a47c4327 < bc1660206c3723c37ed4d622ad81781f1e987250affected
LinuxLinux63346650c1a94a92be61a57416ac88c0a47c4327 < 517a16b1a88bdb6b530f48d5d153478b2552d9a8affected
LinuxLinuxf1d9a1f2ef6ff17293d21d5e6b80e04bea0cf508affected
LinuxLinux519e8a22a454b1f1baa3a151b184fe51bc18e178affected
LinuxLinux4.4.173 < 4.4.277affected
LinuxLinux4.9.155 < 4.9.277affected
LinuxLinux4.14.98 < 4.14.241affected
LinuxLinux4.19.20 < 4.19.199affected
LinuxLinux3.18.134 < 3.19affected
LinuxLinux4.20.7 < 4.21affected
LinuxLinux5.0affected
LinuxLinux0 < 5.0unaffected
LinuxLinux4.4.277 <= 4.4.*unaffected
LinuxLinux4.9.277 <= 4.9.*unaffected
LinuxLinux4.14.241 <= 4.14.*unaffected
LinuxLinux4.19.199 <= 4.19.*unaffected
LinuxLinux5.4.136 <= 5.4.*unaffected
LinuxLinux5.10.54 <= 5.10.*unaffected
LinuxLinux5.13.6 <= 5.13.*unaffected
LinuxLinux5.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References