Lucene search

Debian Security Bug TrackerDEBIANCVE:CVE-2021-47301

HistoryMay 21, 2024 - 3:15 p.m.

CVE-2021-47301

2024-05-2115:15:17

Debian Security Bug Tracker

security-tracker.debian.org

linux

kernel

vulnerability

use-after-free

error

igb driver

reset

memory accesses

AI Score

7.2

Confidence

High

EPSS

Percentile

10.3%

JSON

In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igb_poll() runs while the controller is reset this can lead to the driver try to free a skb that was already freed. (The crash is harder to reproduce with the igb driver, but the same potential problem exists as the code is identical to igc)

OSVersionArchitecturePackageVersionFilename
Debian12alllinux< 5.14.6-1linux_5.14.6-1_all.deb
Debian11alllinux< 5.10.70-1linux_5.10.70-1_all.deb
Debian999alllinux< 5.14.6-1linux_5.14.6-1_all.deb
Debian13alllinux< 5.14.6-1linux_5.14.6-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	linux	< 5.14.6-1	linux_5.14.6-1_all.deb
Debian	11	all	linux	< 5.10.70-1	linux_5.10.70-1_all.deb
Debian	999	all	linux	< 5.14.6-1	linux_5.14.6-1_all.deb
Debian	13	all	linux	< 5.14.6-1	linux_5.14.6-1_all.deb