cvelistv5 - cve-2021-47520

cve-2021-47520

Vulnerability from cvelistv5

Published

2024-05-24 15:09

Modified

2024-08-04 05:39

Severity

Summary

can: pch_can: pch_can_rx_normal: fix use after free

References

Source	URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/3a3c46e2eff0577454860a203be1a8295f4acb76	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/6c73fc931658d8cbc8a1714b326cb31eb71d16a7	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/703dde112021c93d6e89443c070e7dbd4dea612e	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/94cddf1e9227a171b27292509d59691819c458db	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/abb4eff3dcd2e583060082a18a8dbf31f02689d4	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/affbad02bf80380a7403885b9fe4a1587d1bb4f3	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/bafe343a885c70dddf358379cf0b2a1c07355d8d	Patch

Impacted products

Vendor	Product
Linux	Linux
Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47520",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T18:03:24.271974Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T18:03:39.525Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.800Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bafe343a885c70dddf358379cf0b2a1c07355d8d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3a3c46e2eff0577454860a203be1a8295f4acb76"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/affbad02bf80380a7403885b9fe4a1587d1bb4f3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/abb4eff3dcd2e583060082a18a8dbf31f02689d4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/703dde112021c93d6e89443c070e7dbd4dea612e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6c73fc931658d8cbc8a1714b326cb31eb71d16a7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/94cddf1e9227a171b27292509d59691819c458db"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/can/pch_can.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "bafe343a885c",
              "status": "affected",
              "version": "b21d18b51b31",
              "versionType": "git"
            },
            {
              "lessThan": "3a3c46e2eff0",
              "status": "affected",
              "version": "b21d18b51b31",
              "versionType": "git"
            },
            {
              "lessThan": "affbad02bf80",
              "status": "affected",
              "version": "b21d18b51b31",
              "versionType": "git"
            },
            {
              "lessThan": "3e193ef4e0a3",
              "status": "affected",
              "version": "b21d18b51b31",
              "versionType": "git"
            },
            {
              "lessThan": "abb4eff3dcd2",
              "status": "affected",
              "version": "b21d18b51b31",
              "versionType": "git"
            },
            {
              "lessThan": "703dde112021",
              "status": "affected",
              "version": "b21d18b51b31",
              "versionType": "git"
            },
            {
              "lessThan": "6c73fc931658",
              "status": "affected",
              "version": "b21d18b51b31",
              "versionType": "git"
            },
            {
              "lessThan": "94cddf1e9227",
              "status": "affected",
              "version": "b21d18b51b31",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/can/pch_can.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.37"
            },
            {
              "lessThan": "2.6.37",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.295",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.293",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.258",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.221",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.165",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.85",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.8",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: pch_can: pch_can_rx_normal: fix use after free\n\nAfter calling netif_receive_skb(skb), dereferencing skb is unsafe.\nEspecially, the can_frame cf which aliases skb memory is dereferenced\njust after the call netif_receive_skb(skb).\n\nReordering the lines solves the issue."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T05:09:23.294Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/bafe343a885c70dddf358379cf0b2a1c07355d8d"
        },
        {
          "url": "https://git.kernel.org/stable/c/3a3c46e2eff0577454860a203be1a8295f4acb76"
        },
        {
          "url": "https://git.kernel.org/stable/c/affbad02bf80380a7403885b9fe4a1587d1bb4f3"
        },
        {
          "url": "https://git.kernel.org/stable/c/3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa"
        },
        {
          "url": "https://git.kernel.org/stable/c/abb4eff3dcd2e583060082a18a8dbf31f02689d4"
        },
        {
          "url": "https://git.kernel.org/stable/c/703dde112021c93d6e89443c070e7dbd4dea612e"
        },
        {
          "url": "https://git.kernel.org/stable/c/6c73fc931658d8cbc8a1714b326cb31eb71d16a7"
        },
        {
          "url": "https://git.kernel.org/stable/c/94cddf1e9227a171b27292509d59691819c458db"
        }
      ],
      "title": "can: pch_can: pch_can_rx_normal: fix use after free",
      "x_generator": {
        "engine": "bippy-a5840b7849dd"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47520",
    "datePublished": "2024-05-24T15:09:33.796Z",
    "dateReserved": "2024-05-24T15:02:54.824Z",
    "dateUpdated": "2024-08-04T05:39:59.800Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-47520\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-24T15:15:14.003\",\"lastModified\":\"2024-06-10T18:42:47.233\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ncan: pch_can: pch_can_rx_normal: fix use after free\\n\\nAfter calling netif_receive_skb(skb), dereferencing skb is unsafe.\\nEspecially, the can_frame cf which aliases skb memory is dereferenced\\njust after the call netif_receive_skb(skb).\\n\\nReordering the lines solves the issue.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: pch_can: pch_can_rx_normal: corregir el use after free despu\u00e9s de llamar a netif_receive_skb(skb), desreferenciar skb no es seguro. Especialmente, el can_frame cf que alias la memoria skb se desreferencia justo despu\u00e9s de la llamada netif_receive_skb(skb). Reordenar las l\u00edneas resuelve el problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.37\",\"versionEndExcluding\":\"4.4.295\",\"matchCriteriaId\":\"0BFBC5B8-3555-4F40-8066-0E6481B4B7F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.5\",\"versionEndExcluding\":\"4.9.293\",\"matchCriteriaId\":\"5D107324-F4B9-4146-BACC-391E95D41D67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.258\",\"matchCriteriaId\":\"71B2A056-7541-4FF3-859E-C55955DDA2DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.221\",\"matchCriteriaId\":\"CECDDE2F-DEEF-4D3A-85FF-6AEBA16D225B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.165\",\"matchCriteriaId\":\"B1DD3148-41FC-42AC-96A5-F63D774A97A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.85\",\"matchCriteriaId\":\"D9668578-08F7-4694-A86F-FCE448387A79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.8\",\"matchCriteriaId\":\"6664ACE2-F748-4AE5-B98B-58803B0B2C3E\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/3a3c46e2eff0577454860a203be1a8295f4acb76\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6c73fc931658d8cbc8a1714b326cb31eb71d16a7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/703dde112021c93d6e89443c070e7dbd4dea612e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/94cddf1e9227a171b27292509d59691819c458db\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/abb4eff3dcd2e583060082a18a8dbf31f02689d4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/affbad02bf80380a7403885b9fe4a1587d1bb4f3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/bafe343a885c70dddf358379cf0b2a1c07355d8d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}

wid-sec-w-2024-1235

Vulnerability from csaf_certbund

Published

2024-05-26 22:00

Modified

2024-07-23 22:00

Summary

Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder unspezifische Angriffe durchzuführen.

Betroffene Betriebssysteme

- Linux