CVE-2021-47606

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.16.0-rc1+

Description The vulnerability is related to a division error in the netem enqueue function, which occurs when the skb->len and skb->data len are both zero. This error is caused by a lack of check on the len parameter, allowing an empty skb to be processed. The issue is resolved by adding a check on the len parameter to prevent empty skbs.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix, which is version 5.16.0-rc1 or later. If updating is not possible, consider disabling the netem enqueue function or restricting its use to minimize the risk of exploitation. However, these are temporary workarounds, and updating the kernel is the recommended solution.

At the moment, there is no information about a newer version that contains a fix for this vulnerability in the provided input descriptions, but based on the context, it seems the fix is included in version 5.16.0-rc1 or later.