CVE-2021-47236

net: cdc_eem: fix tx fixup skb leak

Severity Score

5.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(),
if skb_copy_expand() failed, it return NULL,
usbnet_start_xmit() will have no chance to free original skb. fix it by free orginal skb in eem_tx_fixup() first,
then check skb clone status, if failed, return NULL to usbnet.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: cdc_eem: corrige la fuga de skb de reparación de tx cuando usbnet transmite un skb, eem lo repara en eem_tx_fixup(), si skb_copy_expand() falla, devuelve NULL, usbnet_start_xmit() No tendrá posibilidad de liberar el skb original. solucionelo primero con skb original gratuito en eem_tx_fixup(), luego verifique el estado del clon de skb, si falla, devuelva NULL a usbnet.

In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it by free orginal skb in eem_tx_fixup() first, then check skb clone status, if failed, return NULL to usbnet.

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

Low

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-04-10 CVE Reserved
2024-05-21 CVE Published
2024-12-19 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak')

CAPEC

References (11)

URL	Tag	Source
https://git.kernel.org/stable/c/9f722c0978b04acba209f8ca1896ad05814bc3a3	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/f12554b0ff639e74612cc01b3b4a049e098d2d65	2021-06-30
https://git.kernel.org/stable/c/14184ec5c958b589ba934da7363a2877879204df	2021-06-30
https://git.kernel.org/stable/c/1bcacd6088d61c0ac6a990d87975600a81f3247e	2021-06-30
https://git.kernel.org/stable/c/f4e6a7f19c82f39b1803e91c54718f0d7143767d	2021-06-30
https://git.kernel.org/stable/c/81de2ed06df8b5451e050fe6a318af3263dbff3f	2021-06-23
https://git.kernel.org/stable/c/05b2b9f7d24b5663d9b47427fe1555bdafd3ea02	2021-06-23
https://git.kernel.org/stable/c/b4f7a9fc9d094c0c4a66f2ad7c37b1dbe9e78f88	2021-06-23
https://git.kernel.org/stable/c/c3b26fdf1b32f91c7a3bc743384b4a298ab53ad7	2021-06-17

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2021-47236	2024-07-08
https://bugzilla.redhat.com/show_bug.cgi?id=2282581	2024-07-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 4.4.274 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 4.4.274"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 4.9.274 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 4.9.274"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 4.14.238 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 4.14.238"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 4.19.196 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 4.19.196"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 5.4.128 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 5.4.128"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 5.10.46 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 5.10.46"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 5.12.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 5.12.13"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.30 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.30 < 5.13"		en		Affected