7.8
CVE-2021-47520
- EPSS 0.24%
- Veröffentlicht 24.05.2024 15:15:14
- Zuletzt bearbeitet 21.11.2024 06:36:25
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
can: pch_can: pch_can_rx_normal: fix use after free
In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call netif_receive_skb(skb). Reordering the lines solves the issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.6.37 < 4.4.295
Linux ≫ Linux Kernel Version >= 4.5 < 4.9.293
Linux ≫ Linux Kernel Version >= 4.10 < 4.14.258
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.221
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.165
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.85
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.8
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.151 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/3a3c46e2eff0577454860a203be1a8295f4acb76
https://git.kernel.org/stable/c/3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa
https://git.kernel.org/stable/c/6c73fc931658d8cbc8a1714b326cb31eb71d16a7
https://git.kernel.org/stable/c/703dde112021c93d6e89443c070e7dbd4dea612e
https://git.kernel.org/stable/c/94cddf1e9227a171b27292509d59691819c458db
https://git.kernel.org/stable/c/abb4eff3dcd2e583060082a18a8dbf31f02689d4
https://git.kernel.org/stable/c/affbad02bf80380a7403885b9fe4a1587d1bb4f3
https://git.kernel.org/stable/c/bafe343a885c70dddf358379cf0b2a1c07355d8d