CVE-2021-47402

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.15.0-rc2+

Description The vulnerability is related to a use-after-free issue in the fl walk function of the Linux kernel's cls flower module. This issue occurs when a filter is deleted concurrently while the fl walk function is iterating over it, causing a use-after-free error. The vulnerability can be exploited by an attacker to potentially execute arbitrary code or cause a denial-of-service condition.

The fl walk function has been refactored to use idr for each entry continue ul and to obtain an RCU read lock while iterating over the filters, which should prevent the use-after-free issue. The vulnerability has been identified through a KASAN (Kernel Address Sanitizer) trace.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. Specifically, update to a version later than 5.15.0-rc2+.

As a temporary workaround, consider disabling the fl walk function until a patch is available. However, this may have unintended consequences and should be carefully evaluated before implementation.

Note: The provided information does not specify the exact version that includes the fix, so it is recommended to update to the latest available version of the Linux kernel.