CVE-2021-47236

Published: May 21, 2024Modified: Apr 29, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it by free orginal skb in eem_tx_fixup() first, then check skb clone status, if failed, return NULL to usbnet.

Affected (13)

Products: Linux: Linux Kernel

1 product

Configuration A

13 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 2.6.30 to 4.4.274
Linux Linux Kernel	From 4.10 to 4.14.238
Linux Linux Kernel	From 4.15 to 4.19.196
Linux Linux Kernel	From 4.20 to 5.4.128
Linux Linux Kernel	From 4.5 to 4.9.274
Linux Linux Kernel	From 5.11 to 5.12.13
Linux Linux Kernel	From 5.5 to 5.10.46
Linux Linux Kernel	Version 5.13 rc1
Linux Linux Kernel	Version 5.13 rc2
Linux Linux Kernel	Version 5.13 rc3
Linux Linux Kernel	Version 5.13 rc4
Linux Linux Kernel	Version 5.13 rc5
Linux Linux Kernel	Version 5.13 rc6

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (16)

https://git.kernel.org/stable/c/05b2b9f7d24b5663d9b47427fe1555bdafd3ea02

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/14184ec5c958b589ba934da7363a2877879204df

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/1bcacd6088d61c0ac6a990d87975600a81f3247e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/81de2ed06df8b5451e050fe6a318af3263dbff3f

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/b4f7a9fc9d094c0c4a66f2ad7c37b1dbe9e78f88

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/c3b26fdf1b32f91c7a3bc743384b4a298ab53ad7

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/f12554b0ff639e74612cc01b3b4a049e098d2d65

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/f4e6a7f19c82f39b1803e91c54718f0d7143767d

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/05b2b9f7d24b5663d9b47427fe1555bdafd3ea02

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/14184ec5c958b589ba934da7363a2877879204df

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/1bcacd6088d61c0ac6a990d87975600a81f3247e

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/81de2ed06df8b5451e050fe6a318af3263dbff3f

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/b4f7a9fc9d094c0c4a66f2ad7c37b1dbe9e78f88

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/c3b26fdf1b32f91c7a3bc743384b4a298ab53ad7

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/f12554b0ff639e74612cc01b3b4a049e098d2d65

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/f4e6a7f19c82f39b1803e91c54718f0d7143767d

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.