PT-2025-17217 · Linux+2 · Linux Kernel+2

Published

2025-04-17

Updated

2025-05-21

CVE-2021-47668

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use after free bug has been identified in the Linux kernel. The issue occurs after calling netif rx ni(skb), where dereferencing skb becomes unsafe. Specifically, the can frame cf which aliases skb memory is accessed after netif rx ni() in the line stats->rx bytes += cf->len;. Reordering the lines solves the issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2021-47668

OESA-2025-1465

OPENSUSE-SU-2025_01633-1

SUSE-SU-2025:01600-1

SUSE-SU-2025:01633-1

SUSE-SU-2025:1574-1

SUSE-SU-2025_01600-1

SUSE-SU-2025_01633-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2025-17217 · Linux+2 · Linux Kernel+2

CVE-2021-47668

Weakness Enumeration

Related Identifiers

Affected Products

References · 290