CVE-2021-47520
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
can: pch_can: pch_can_rx_normal: fix use after free
After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call netif_receive_skb(skb).
Reordering the lines solves the issue.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | b21d18b51b31a24d17f883b678432fbdee3d5675 < bafe343a885c70dddf358379cf0b2a1c07355d8d | affected |
| Linux | Linux | b21d18b51b31a24d17f883b678432fbdee3d5675 < 3a3c46e2eff0577454860a203be1a8295f4acb76 | affected |
| Linux | Linux | b21d18b51b31a24d17f883b678432fbdee3d5675 < affbad02bf80380a7403885b9fe4a1587d1bb4f3 | affected |
| Linux | Linux | b21d18b51b31a24d17f883b678432fbdee3d5675 < 3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa | affected |
| Linux | Linux | b21d18b51b31a24d17f883b678432fbdee3d5675 < abb4eff3dcd2e583060082a18a8dbf31f02689d4 | affected |
| Linux | Linux | b21d18b51b31a24d17f883b678432fbdee3d5675 < 703dde112021c93d6e89443c070e7dbd4dea612e | affected |
| Linux | Linux | b21d18b51b31a24d17f883b678432fbdee3d5675 < 6c73fc931658d8cbc8a1714b326cb31eb71d16a7 | affected |
| Linux | Linux | b21d18b51b31a24d17f883b678432fbdee3d5675 < 94cddf1e9227a171b27292509d59691819c458db | affected |
| Linux | Linux | 2.6.37 | affected |
| Linux | Linux | 0 < 2.6.37 | unaffected |
| Linux | Linux | 4.4.295 <= 4.4.* | unaffected |
| Linux | Linux | 4.9.293 <= 4.9.* | unaffected |
| Linux | Linux | 4.14.258 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.221 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.165 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.85 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.8 <= 5.15.* | unaffected |
| Linux | Linux | 5.16 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/bafe343a885c70dddf358379cf0b2a1c07355d8d
- https://git.kernel.org/stable/c/3a3c46e2eff0577454860a203be1a8295f4acb76
- https://git.kernel.org/stable/c/affbad02bf80380a7403885b9fe4a1587d1bb4f3
- https://git.kernel.org/stable/c/3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa
- https://git.kernel.org/stable/c/abb4eff3dcd2e583060082a18a8dbf31f02689d4
- https://git.kernel.org/stable/c/703dde112021c93d6e89443c070e7dbd4dea612e
- https://git.kernel.org/stable/c/6c73fc931658d8cbc8a1714b326cb31eb71d16a7
- https://git.kernel.org/stable/c/94cddf1e9227a171b27292509d59691819c458db
References
- https://git.kernel.org/stable/c/bafe343a885c70dddf358379cf0b2a1c07355d8d
- https://git.kernel.org/stable/c/3a3c46e2eff0577454860a203be1a8295f4acb76
- https://git.kernel.org/stable/c/affbad02bf80380a7403885b9fe4a1587d1bb4f3
- https://git.kernel.org/stable/c/3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa
- https://git.kernel.org/stable/c/abb4eff3dcd2e583060082a18a8dbf31f02689d4
- https://git.kernel.org/stable/c/703dde112021c93d6e89443c070e7dbd4dea612e
- https://git.kernel.org/stable/c/6c73fc931658d8cbc8a1714b326cb31eb71d16a7
- https://git.kernel.org/stable/c/94cddf1e9227a171b27292509d59691819c458db
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.