PT-2024-11350 · Linux+6 · Linux Kernel+6

Xie Yongji

Published

2021-05-31

Updated

2025-05-12

CVE-2021-47352

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the virtio-net component in the Linux kernel, where validation for used length from potentially untrusted devices was missing, which could lead to data corruption or loss.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-20

Related Identifiers

ALSA-2024:7000

ALSA-2024:7001

BDU:2025-10238

CESA-2024_7000

CESA-2024_7001

CVE-2021-47352

INFSA-2024_7000

INFSA-2024_7001

RHSA-2024:6753

RHSA-2024:6993

RHSA-2024:7000

RHSA-2024:7001

RHSA-2024_7000

RHSA-2024_7001

RLSA-2024:7001

SUSE-SU-2024:1979-1

SUSE-SU-2024:1983-1

SUSE-SU-2024:2184-1

Affected Products

Almalinux

Astra Linux

Centos

Linux Kernel

Red Hat

Rocky Linux

Suse

PT-2024-11350 · Linux+6 · Linux Kernel+6

CVE-2021-47352

Weakness Enumeration

Related Identifiers

Affected Products

References · 882