5.5
CVE-2021-47294
- EPSS 0.02%
- Published 21.05.2024 15:15:17
- Last modified 23.06.2025 20:19:04
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved:
netrom: Decrease sock refcount when sock timers expire
Commit 63346650c1a9 ("netrom: switch to sock timer API") switched to use
sock timer API. It replaces mod_timer() by sk_reset_timer(), and
del_timer() by sk_stop_timer().
Function sk_reset_timer() will increase the refcount of sock if it is
called on an inactive timer, hence, in case the timer expires, we need to
decrease the refcount ourselves in the handler, otherwise, the sock
refcount will be unbalanced and the sock will never be freed.Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.4.173 < 4.4.277
Linux ≫ Linux Kernel Version >= 4.9.155 < 4.9.277
Linux ≫ Linux Kernel Version >= 4.14.98 < 4.14.241
Linux ≫ Linux Kernel Version >= 4.19.20 < 4.19.199
Linux ≫ Linux Kernel Version >= 5.0 < 5.4.136
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.54
Linux ≫ Linux Kernel Version >= 5.11 < 5.13.6
Linux ≫ Linux Kernel Version3.18.134
Linux ≫ Linux Kernel Version4.20.7
Linux ≫ Linux Kernel Version5.14 Updaterc1
Linux ≫ Linux Kernel Version5.14 Updaterc2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.036 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-672 Operation on a Resource after Expiration or Release
The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.