PT-2024-11231 · Linux+2 · Linux Kernel+2
Nikolay Aleksandrov · Published 2021-06-10 · Updated 2025-02-17 · CVE-2021-47222
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.13.0-rc3+ #360
Description
The vulnerability is related to the egress tunnel code in the Linux kernel's bridge module. The code uses dst_clone() and directly sets the result, which can cause problems if the entry has a reference count of 0 or has already been deleted. This triggers a WARN_ON() in dst_hold() when a reference count cannot be taken. The issue is fixed by using dst_hold_safe() and checking if a reference was actually taken before setting the destination.
Recommendations
To resolve the issue, update the Linux kernel to a version that includes the fix for the vulnerability. Specifically, for Linux kernel version 5.13.0-rc3+ #360, update to a newer version that includes the patch for the "net: bridge: fix vlan tunnel dst refcnt when egressing" vulnerability.
As a temporary workaround, consider disabling the vulnerable function or restricting access to the affected module to minimize the risk of exploitation. However, this should not be considered a permanent solution, and updating the kernel to a patched version is recommended as soon as possible.
At the moment, there is no information about a newer version that contains a fix for this vulnerability, other than updating to a version after 5.13.0-rc3+ #360.
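The reference-taking pattern named in the description, shown as an added single-threaded user-space model (not kernel code and not the upstream patch). The model_* structs and functions are hypothetical stand-ins for the dst entry, the packet buffer, and the dst_clone()/dst_hold_safe() behaviour the description refers to.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* User-space model: hypothetical stand-ins, not the kernel's structures. */
struct model_dst { atomic_int refcnt; };
struct model_skb { struct model_dst *dst; };

/* Take a reference only while the count is still non-zero. */
static bool model_hold_safe(struct model_dst *d)
{
    int old = atomic_load(&d->refcnt);
    while (old != 0) {
        /* On failure, old is refreshed with the current count. */
        if (atomic_compare_exchange_weak(&d->refcnt, &old, old + 1))
            return true;
    }
    return false;
}

/* Pre-fix pattern: the pointer is handed back whether or not a reference
 * was obtained; *warned marks the point where the WARN_ON() would fire. */
static struct model_dst *model_clone_unchecked(struct model_dst *d, bool *warned)
{
    *warned = !model_hold_safe(d);
    return d;
}

/* Post-fix pattern: set the packet's dst only if a reference was taken. */
static bool model_egress_set_dst(struct model_skb *skb, struct model_dst *d)
{
    if (d == NULL || !model_hold_safe(d))
        return false;
    skb->dst = d;
    return true;
}

int main(void)
{
    struct model_dst dead;              /* constructed: entry already released */
    struct model_skb skb = { NULL };
    bool warned = false;
    atomic_init(&dead.refcnt, 0);
    skb.dst = model_clone_unchecked(&dead, &warned);
    printf("unchecked: dst set=%d warned=%d\n", skb.dst != NULL, warned);
    skb.dst = NULL;
    printf("checked:   dst set=%d\n", model_egress_set_dst(&skb, &dead));
    return 0;
}
```

In the unchecked path the packet ends up pointing at an entry it holds no reference on, which is the use-after-free condition; the checked path leaves the pointer unset.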
Fix
Use After Free
Affected Products
Astra Linux
Linux Kernel
Suse