CVE-2021-47301
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
igb: Fix use-after-free error during reset
Cleans the next descriptor to watch (next_to_watch) when cleaning the TX ring.
Failure to do so can cause invalid memory accesses. If igb_poll() runs while the controller is reset this can lead to the driver try to free a skb that was already freed.
(The crash is harder to reproduce with the igb driver, but the same potential problem exists as the code is identical to igc)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 7cc6fd4c60f267e17b0baef1580d7a6258c0a6f0 < d7367f781e5a9ca5df9082b15b272b55e76931f8 | affected |
| Linux | Linux | 7cc6fd4c60f267e17b0baef1580d7a6258c0a6f0 < d3ccb18ed5ac3283c7b31ecc685b499e580d5492 | affected |
| Linux | Linux | 7cc6fd4c60f267e17b0baef1580d7a6258c0a6f0 < 88e0720133d42d34851c8721cf5f289a50a8710f | affected |
| Linux | Linux | 7cc6fd4c60f267e17b0baef1580d7a6258c0a6f0 < f153664d8e70c11d0371341613651e1130e20240 | affected |
| Linux | Linux | 7cc6fd4c60f267e17b0baef1580d7a6258c0a6f0 < 8e24c12f2ff6d32fd9f057382f08e748ec97194c | affected |
| Linux | Linux | 7cc6fd4c60f267e17b0baef1580d7a6258c0a6f0 < 7b292608db23ccbbfbfa50cdb155d01725d7a52e | affected |
| Linux | Linux | 4.12 | affected |
| Linux | Linux | 0 < 4.12 | unaffected |
| Linux | Linux | 4.14.241 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.199 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.136 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.54 <= 5.10.* | unaffected |
| Linux | Linux | 5.13.6 <= 5.13.* | unaffected |
| Linux | Linux | 5.14 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/d7367f781e5a9ca5df9082b15b272b55e76931f8
- https://git.kernel.org/stable/c/d3ccb18ed5ac3283c7b31ecc685b499e580d5492
- https://git.kernel.org/stable/c/88e0720133d42d34851c8721cf5f289a50a8710f
- https://git.kernel.org/stable/c/f153664d8e70c11d0371341613651e1130e20240
- https://git.kernel.org/stable/c/8e24c12f2ff6d32fd9f057382f08e748ec97194c
- https://git.kernel.org/stable/c/7b292608db23ccbbfbfa50cdb155d01725d7a52e
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/d7367f781e5a9ca5df9082b15b272b55e76931f8
- https://git.kernel.org/stable/c/d3ccb18ed5ac3283c7b31ecc685b499e580d5492
- https://git.kernel.org/stable/c/88e0720133d42d34851c8721cf5f289a50a8710f
- https://git.kernel.org/stable/c/f153664d8e70c11d0371341613651e1130e20240
- https://git.kernel.org/stable/c/8e24c12f2ff6d32fd9f057382f08e748ec97194c
- https://git.kernel.org/stable/c/7b292608db23ccbbfbfa50cdb155d01725d7a52e
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.