CVE-2021-47294

netrom: Decrease sock refcount when sock timers expire

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

netrom: Decrease sock refcount when sock timers expire

Commit 63346650c1a9 ("netrom: switch to sock timer API") switched to use
sock timer API. It replaces mod_timer() by sk_reset_timer(), and
del_timer() by sk_stop_timer().

Function sk_reset_timer() will increase the refcount of sock if it is
called on an inactive timer, hence, in case the timer expires, we need to
decrease the refcount ourselves in the handler, otherwise, the sock
refcount will be unbalanced and the sock will never be freed.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: netrom: Disminuir el recuento de sock cuando caducan los temporizadores de sock. La confirmación 63346650c1a9 ("netrom: cambiar a API de temporizador de sock") cambió para usar la API de temporizador de sock. Reemplaza mod_timer() por sk_reset_timer() y del_timer() por sk_stop_timer(). La función sk_reset_timer() aumentará el recuento del sock si se llama en un temporizador inactivo, por lo tanto, en caso de que el temporizador expire, debemos disminuir el recuento nosotros mismos en el controlador; de lo contrario, el recuento del calcetín se desequilibrará y el sock nunca será liberado.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-21 CVE Reserved
2024-05-21 CVE Published
2024-05-22 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (15)

URL	Tag	Source
https://git.kernel.org/stable/c/ce29e8a259de767f7210d346ad2b031cb8ab2732	Vuln. Introduced
https://git.kernel.org/stable/c/baa9e32336bf6d0d74a7c3486d2a27feaf57cd5f	Vuln. Introduced
https://git.kernel.org/stable/c/0adf571fa34b27bd0b97b408cc0f0dc54b72f0eb	Vuln. Introduced
https://git.kernel.org/stable/c/2c6b572458a9127e8070df13fa7f115c29ab1d92	Vuln. Introduced
https://git.kernel.org/stable/c/63346650c1a94a92be61a57416ac88c0a47c4327	Vuln. Introduced
https://git.kernel.org/stable/c/f1d9a1f2ef6ff17293d21d5e6b80e04bea0cf508	Vuln. Introduced
https://git.kernel.org/stable/c/519e8a22a454b1f1baa3a151b184fe51bc18e178	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/853262355518cd1247515b74e83fabf038aa6c29	2021-07-28
https://git.kernel.org/stable/c/a01634bf91f2b6c42583770eb6815fb6d1e251cf	2021-07-28
https://git.kernel.org/stable/c/48866fd5c361ea417ed24b43fc2a7dc2f5b060ef	2021-07-28
https://git.kernel.org/stable/c/9619cc7d97c3aa8ed3cfd2b8678b74fb6d6c7950	2021-07-28
https://git.kernel.org/stable/c/25df44e90ff5959b5c24ad361b648504a7e39ef3	2021-07-28
https://git.kernel.org/stable/c/6811744bd0efb9e472cb15d066cdb460beb8cb8a	2021-07-28
https://git.kernel.org/stable/c/bc1660206c3723c37ed4d622ad81781f1e987250	2021-07-28
https://git.kernel.org/stable/c/517a16b1a88bdb6b530f48d5d153478b2552d9a8	2021-07-18

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.4.173 < 4.4.277 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.4.173 < 4.4.277"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9.155 < 4.9.277 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9.155 < 4.9.277"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.14.98 < 4.14.241 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.14.98 < 4.14.241"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19.20 < 4.19.199 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19.20 < 4.19.199"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.0 < 5.4.136 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.0 < 5.4.136"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.0 < 5.10.54 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.0 < 5.10.54"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.0 < 5.13.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.0 < 5.13.6"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.0 < 5.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.0 < 5.14"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				3.18.134 Search vendor "Linux" for product "Linux Kernel" and version "3.18.134"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.20.7 Search vendor "Linux" for product "Linux Kernel" and version "4.20.7"		en		Affected