CVE-2021-47201

iavf: free q_vectors before queues in iavf_disable_vf

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: iavf: free q_vectors before queues in iavf_disable_vf iavf_free_queues() clears adapter->num_active_queues, which
iavf_free_q_vectors() relies on, so swap the order of these two function
calls in iavf_disable_vf(). This resolves a panic encountered when the
interface is disabled and then later brought up again after PF
communication is restored.

In the Linux kernel, the following vulnerability has been resolved: iavf: free q_vectors before queues in iavf_disable_vf iavf_free_queues() clears adapter->num_active_queues, which iavf_free_q_vectors() relies on, so swap the order of these two function calls in iavf_disable_vf(). This resolves a panic encountered when the interface is disabled and then later brought up again after PF communication is restored.

The SUSE Linux Enterprise 15 SP5 Real Time kernel was updated to receive various security bug fixes.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-03-25 CVE Reserved
2024-04-10 CVE Published
2025-05-04 CVE Updated
2025-05-19 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/65c7006f234c9ede887d468f595f259a5c5cc552	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/926e8c83d4c1c2dac0026637eb0d492df876489e	2021-11-26
https://git.kernel.org/stable/c/78638b47132244e3934dc5dc79f6372d5ce8e98c	2021-11-26
https://git.kernel.org/stable/c/9ef6589cac9a8c47f5544ccdf4c498093733bb3f	2021-11-25
https://git.kernel.org/stable/c/89f22f129696ab53cfbc608e0a2184d0fea46ac1	2021-11-15

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.13 < 5.4.162 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.13 < 5.4.162"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.13 < 5.10.82 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.13 < 5.10.82"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.13 < 5.15.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.13 < 5.15.5"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.13 < 5.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.13 < 5.16"		en		Affected