PT-2024-11384 · Linux+2 · Linux Kernel+2

Johannes Berg

Published

2021-09-27

Updated

2024-12-30

CVE-2021-47388

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free issue has been resolved in the Linux kernel, specifically in the mac80211 module. The issue occurred when PN checking was done for fragmentation, and the hdr variable was used without being necessarily valid, potentially leading to use-after-free if parts of the frame needed to be reallocated. The fix involves reloading the variable after the code that results in reallocations, if any.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2025-07463

CVE-2021-47388

OESA-2024-1692

OPENSUSE-SU-2024_2185-1

OPENSUSE-SU-2024_2189-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2010-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2183-1

SUSE-SU-2024:2185-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

SUSE-SU-2024:2892-1

SUSE-SU-2024:2901-1

SUSE-SU-2024:2940-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2024-11384 · Linux+2 · Linux Kernel+2

CVE-2021-47388

Weakness Enumeration

Related Identifiers

Affected Products

References · 1815