CVE-2021-47247

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.13.0-rc3+

Description The vulnerability is a use-after-free issue in the mlx5e encap take function, which can be triggered by concurrent encap entry insertion/deletion. This can lead to a use-after-free error, potentially causing a denial-of-service or allowing an attacker to execute arbitrary code.

Recommendations To resolve this issue, update the Linux kernel to a version newer than 5.13.0-rc3+. As a temporary workaround, consider disabling the mlx5e rep neigh update function until a patch is available. However, this may have performance implications and should be carefully evaluated before implementation.

Note: The provided input descriptions do not contain information about the fixed version or specific mitigation measures. The recommendation to update the Linux kernel is based on the assumption that the issue has been fixed in a later version. If no information is provided about a newer version that contains a fix for this vulnerability, the recommendation would be: At the moment, there is no information about a newer version that contains a fix for this vulnerability.