PT-2024-11115 · Linux+6 · Linux Kernel+6

Lv Yunlong

Published

2021-04-26

Updated

2024-12-09

CVE-2021-47013

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use after free issue has been resolved in the Linux kernel. The issue occurs in the emac mac tx buf send function, which calls emac tx fill tpd(..,skb,..). If an error happens in emac tx fill tpd(), the skb will be freed via dev kfree skb(skb) in the error branch of emac tx fill tpd(). However, the freed skb is still used via skb->len by netdev sent queue(,skb->len). To fix this issue, the patch assigns skb->len to 'len' before the possible free and uses 'len' instead of skb->len later.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2024:3618

ALSA-2024:3627

BDU:2025-05309

CESA-2024_3618

CESA-2024_3627

CVE-2021-47013

INFSA-2024_3618

INFSA-2024_3627

OESA-2024-1345

OESA-2024-1346

OPENSUSE-SU-2024_0857-1

OPENSUSE-SU-2024_1489-1

RHSA-2024:3462

RHSA-2024:3618

RHSA-2024:3627

RHSA-2024:3810

RHSA-2024_3618

RHSA-2024_3627

RLSA-2024:3618

RLSA-2024:3627

SUSE-SU-2024:0856-1

SUSE-SU-2024:0857-1

SUSE-SU-2024:0925-1

SUSE-SU-2024:0926-1

SUSE-SU-2024:0975-1

SUSE-SU-2024:0976-1

SUSE-SU-2024:1454-1

SUSE-SU-2024:1489-1

Affected Products

Almalinux

Astra Linux

Centos

Linux Kernel

Red Hat

Rocky Linux

Suse

PT-2024-11115 · Linux+6 · Linux Kernel+6

CVE-2021-47013

Weakness Enumeration

Related Identifiers

Affected Products

References · 714