LinuxVULNRICHMENT:CVE-2021-47520CVE-2021-47520 can: pch_can: pch_can_rx_normal: fix use after free
AI Score
Confidence
Low
EPSS
Percentile
5.1%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
In the Linux kernel, the following vulnerability has been resolved:
can: pch_can: pch_can_rx_normal: fix use after free
After calling netif_receive_skb(skb), dereferencing skb is unsafe.
Especially, the can_frame cf which aliases skb memory is dereferenced
just after the call netif_receive_skb(skb).
Reordering the lines solves the issue.
CNA Affected
[
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "b21d18b51b31",
"lessThan": "bafe343a885c",
"versionType": "git"
},
{
"status": "affected",
"version": "b21d18b51b31",
"lessThan": "3a3c46e2eff0",
"versionType": "git"
},
{
"status": "affected",
"version": "b21d18b51b31",
"lessThan": "affbad02bf80",
"versionType": "git"
},
{
"status": "affected",
"version": "b21d18b51b31",
"lessThan": "3e193ef4e0a3",
"versionType": "git"
},
{
"status": "affected",
"version": "b21d18b51b31",
"lessThan": "abb4eff3dcd2",
"versionType": "git"
},
{
"status": "affected",
"version": "b21d18b51b31",
"lessThan": "703dde112021",
"versionType": "git"
},
{
"status": "affected",
"version": "b21d18b51b31",
"lessThan": "6c73fc931658",
"versionType": "git"
},
{
"status": "affected",
"version": "b21d18b51b31",
"lessThan": "94cddf1e9227",
"versionType": "git"
}
],
"programFiles": [
"drivers/net/can/pch_can.c"
],
"defaultStatus": "unaffected"
},
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.37"
},
{
"status": "unaffected",
"version": "0",
"lessThan": "2.6.37",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.4.295",
"versionType": "custom",
"lessThanOrEqual": "4.4.*"
},
{
"status": "unaffected",
"version": "4.9.293",
"versionType": "custom",
"lessThanOrEqual": "4.9.*"
},
{
"status": "unaffected",
"version": "4.14.258",
"versionType": "custom",
"lessThanOrEqual": "4.14.*"
},
{
"status": "unaffected",
"version": "4.19.221",
"versionType": "custom",
"lessThanOrEqual": "4.19.*"
},
{
"status": "unaffected",
"version": "5.4.165",
"versionType": "custom",
"lessThanOrEqual": "5.4.*"
},
{
"status": "unaffected",
"version": "5.10.85",
"versionType": "custom",
"lessThanOrEqual": "5.10.*"
},
{
"status": "unaffected",
"version": "5.15.8",
"versionType": "custom",
"lessThanOrEqual": "5.15.*"
},
{
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix",
"lessThanOrEqual": "*"
}
],
"programFiles": [
"drivers/net/can/pch_can.c"
],
"defaultStatus": "affected"
}
]References
git.kernel.org/stable/c/3a3c46e2eff0577454860a203be1a8295f4acb76
git.kernel.org/stable/c/3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa
git.kernel.org/stable/c/6c73fc931658d8cbc8a1714b326cb31eb71d16a7
git.kernel.org/stable/c/703dde112021c93d6e89443c070e7dbd4dea612e
git.kernel.org/stable/c/94cddf1e9227a171b27292509d59691819c458db
git.kernel.org/stable/c/abb4eff3dcd2e583060082a18a8dbf31f02689d4
git.kernel.org/stable/c/affbad02bf80380a7403885b9fe4a1587d1bb4f3
git.kernel.org/stable/c/bafe343a885c70dddf358379cf0b2a1c07355d8d
Related
AI Score
Confidence
Low
EPSS
Percentile
5.1%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial