CVE-2021-47520

Summary

In the Linux kernel, the following vulnerability has been resolved:

can: pch_can: pch_can_rx_normal: fix use after free

After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call netif_receive_skb(skb).

Reordering the lines solves the issue.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb21d18b51b31a24d17f883b678432fbdee3d5675 < bafe343a885c70dddf358379cf0b2a1c07355d8daffected
LinuxLinuxb21d18b51b31a24d17f883b678432fbdee3d5675 < 3a3c46e2eff0577454860a203be1a8295f4acb76affected
LinuxLinuxb21d18b51b31a24d17f883b678432fbdee3d5675 < affbad02bf80380a7403885b9fe4a1587d1bb4f3affected
LinuxLinuxb21d18b51b31a24d17f883b678432fbdee3d5675 < 3e193ef4e0a3f5bf92ede83ef214cb09d01b00aaaffected
LinuxLinuxb21d18b51b31a24d17f883b678432fbdee3d5675 < abb4eff3dcd2e583060082a18a8dbf31f02689d4affected
LinuxLinuxb21d18b51b31a24d17f883b678432fbdee3d5675 < 703dde112021c93d6e89443c070e7dbd4dea612eaffected
LinuxLinuxb21d18b51b31a24d17f883b678432fbdee3d5675 < 6c73fc931658d8cbc8a1714b326cb31eb71d16a7affected
LinuxLinuxb21d18b51b31a24d17f883b678432fbdee3d5675 < 94cddf1e9227a171b27292509d59691819c458dbaffected
LinuxLinux2.6.37affected
LinuxLinux0 < 2.6.37unaffected
LinuxLinux4.4.295 <= 4.4.*unaffected
LinuxLinux4.9.293 <= 4.9.*unaffected
LinuxLinux4.14.258 <= 4.14.*unaffected
LinuxLinux4.19.221 <= 4.19.*unaffected
LinuxLinux5.4.165 <= 5.4.*unaffected
LinuxLinux5.10.85 <= 5.10.*unaffected
LinuxLinux5.15.8 <= 5.15.*unaffected
LinuxLinux5.16 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References