7.8
CVE-2021-47301
- EPSS 0.24%
- Veröffentlicht 21.05.2024 15:15:17
- Zuletzt bearbeitet 26.12.2024 20:44:31
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
igb: Fix use-after-free error during reset
In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igb_poll() runs while the controller is reset this can lead to the driver try to free a skb that was already freed. (The crash is harder to reproduce with the igb driver, but the same potential problem exists as the code is identical to igc)
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.12 < 4.14.241
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.199
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.136
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.54
Linux ≫ Linux Kernel Version >= 5.11 < 5.13.6
Linux ≫ Linux Kernel Version5.14 Updaterc1
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.147 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/7b292608db23ccbbfbfa50cdb155d01725d7a52e
https://git.kernel.org/stable/c/88e0720133d42d34851c8721cf5f289a50a8710f
https://git.kernel.org/stable/c/8e24c12f2ff6d32fd9f057382f08e748ec97194c
https://git.kernel.org/stable/c/d3ccb18ed5ac3283c7b31ecc685b499e580d5492
https://git.kernel.org/stable/c/d7367f781e5a9ca5df9082b15b272b55e76931f8
https://git.kernel.org/stable/c/f153664d8e70c11d0371341613651e1130e20240