PT-2021-8176 · Linux+3 · Linux Kernel+3

Pavel Skripkin

Published

2021-11-17

Updated

2025-01-14

CVE-2021-47204

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a use-after-free bug in the dpaa2-eth component of the Linux kernel. Access to netdev after free netdev() will cause this bug. The problem is resolved by moving the debug log before the free netdev() call. This bug may allow an attacker to elevate privileges in the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2024-09226

CVE-2021-47204

OESA-2024-1944

OPENSUSE-SU-2024_1641-1

OPENSUSE-SU-2024_1644-1

OPENSUSE-SU-2024_1659-1

OPENSUSE-SU-2024_1663-1

SUSE-SU-2024:1641-1

SUSE-SU-2024:1643-1

SUSE-SU-2024:1644-1

SUSE-SU-2024:1646-1

SUSE-SU-2024:1647-1

SUSE-SU-2024:1659-1

SUSE-SU-2024:1663-1

SUSE-SU-2024:1870-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2021-8176 · Linux+3 · Linux Kernel+3

CVE-2021-47204

Weakness Enumeration

Related Identifiers

Affected Products

References · 857