PT-2024-11451 · Linux+3 · Linux Kernel+3

Syzbot · Published 2021-10-09 · Updated 2025-01-21 · CVE-2021-47457

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.13.0-rc7+

Description

The issue arises because `isotp_sendmsg()` calls `wait_event_interruptible()` without checking its result. The wait can be interrupted, and `isotp_sendmsg()` then continues anyway, so the TX buffer ends up with multiple accessors and a later process interferes with an earlier one. This problem was reported by syzbot and is associated with the `isotp_tx_timer_handler()` function.

Recommendations

To resolve the issue, add a result check for `wait_event_interruptible()` in `isotp_sendmsg()` to avoid multiple accessors for the TX buffer. As a temporary workaround, consider disabling the `isotp_sendmsg()` function until a patch is available. Restrict access to the isotp module to minimize the risk of exploitation. Avoid using the `wait_event_interruptible()` function in `isotp_sendmsg()` until the issue is resolved.
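
A userspace model of the pattern in the description, added here as an illustration; it is not kernel code and not part of the original advisory. `struct model_sock`, `wait_idle_interruptible()`, `model_send()` and `MODEL_ERESTARTSYS` are hypothetical stand-ins for the isotp socket state, and the `check` flag switches between ignoring and checking the wait result.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Userspace model only: all names are hypothetical stand-ins, not kernel code. */
#define MODEL_ERESTARTSYS 512          /* mirrors the kernel-internal ERESTARTSYS */
enum tx_state { TX_IDLE, TX_SENDING };
struct model_sock { enum tx_state state; char buf[16]; /* shared TX buffer */ };

/* Models an interruptible wait for TX_IDLE: returns 0 once idle, or
 * -MODEL_ERESTARTSYS if a signal arrives while the transfer is still busy. */
static int wait_idle_interruptible(struct model_sock *so, bool signal_pending)
{
    if (so->state != TX_IDLE && signal_pending)
        return -MODEL_ERESTARTSYS;     /* woke early: state is NOT idle */
    so->state = TX_IDLE;               /* models the transfer completing */
    return 0;
}

/* check == false: the pattern from the description (result ignored).
 * check == true:  the recommended pattern (result checked). */
static int model_send(struct model_sock *so, const char *msg, bool sig, bool check)
{
    int err = wait_idle_interruptible(so, sig);
    if (check && err)
        return err;                    /* interrupted: leave the buffer alone */
    so->state = TX_SENDING;            /* unchecked path reaches here even if err != 0 */
    snprintf(so->buf, sizeof(so->buf), "%s", msg);
    return 0;
}

/* Returns 1 if a second sender overwrote the first, still in-flight, message. */
static int first_message_clobbered(bool check)
{
    struct model_sock so = { TX_IDLE, "" };
    model_send(&so, "first", false, check);   /* transfer now in flight */
    model_send(&so, "second", true, check);   /* second caller is signalled while waiting */
    return strcmp(so.buf, "first") != 0;
}

int main(void)
{
    printf("unchecked: clobbered=%d, checked: clobbered=%d\n",
           first_message_clobbered(false), first_message_clobbered(true));
    return 0;
}
```
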

Exploit

Fix

Weakness Enumeration

Related Identifiers

BDU:2025-14238
CVE-2021-47457
INFSA-2024_9315
OPENSUSE-SU-2024_2189-1
RHSA-2024:9315
RHSA-2024_9315
SUSE-SU-2024:2008-1
SUSE-SU-2024:2011-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2189-1
SUSE-SU-2024:2190-1

Affected Products

Astra Linux
Linux Kernel
Red Hat
Suse