CVE-2021-47520

Published: May 24, 2024Modified: Jun 17, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call netif_receive_skb(skb). Reordering the lines solves the issue.

Affected (7)

Products: Linux: Linux Kernel

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 2.6.37 to 4.4.295
Linux Linux Kernel	From 4.10 to 4.14.258
Linux Linux Kernel	From 4.15 to 4.19.221
Linux Linux Kernel	From 4.20 to 5.4.165
Linux Linux Kernel	From 4.5 to 4.9.293
Linux Linux Kernel	From 5.11 to 5.15.8
Linux Linux Kernel	From 5.5 to 5.10.85

Related CWEs

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (16)

https://git.kernel.org/stable/c/3a3c46e2eff0577454860a203be1a8295f4acb76

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/6c73fc931658d8cbc8a1714b326cb31eb71d16a7

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/703dde112021c93d6e89443c070e7dbd4dea612e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/94cddf1e9227a171b27292509d59691819c458db

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/abb4eff3dcd2e583060082a18a8dbf31f02689d4

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/affbad02bf80380a7403885b9fe4a1587d1bb4f3

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/bafe343a885c70dddf358379cf0b2a1c07355d8d

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/3a3c46e2eff0577454860a203be1a8295f4acb76

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/6c73fc931658d8cbc8a1714b326cb31eb71d16a7

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/703dde112021c93d6e89443c070e7dbd4dea612e

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/94cddf1e9227a171b27292509d59691819c458db

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/abb4eff3dcd2e583060082a18a8dbf31f02689d4

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/affbad02bf80380a7403885b9fe4a1587d1bb4f3

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/bafe343a885c70dddf358379cf0b2a1c07355d8d

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.