CVE-2021-47301

igb: Fix use-after-free error during reset

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

igb: Fix use-after-free error during reset

Cleans the next descriptor to watch (next_to_watch) when cleaning the
TX ring.

Failure to do so can cause invalid memory accesses. If igb_poll() runs
while the controller is reset this can lead to the driver try to free
a skb that was already freed.

(The crash is harder to reproduce with the igb driver, but the same
potential problem exists as the code is identical to igc)

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: igb: corrige el error de use after free durante el reinicio. Limpia el siguiente descriptor a observar (next_to_watch) al limpiar el anillo TX. De lo contrario, se pueden producir accesos a la memoria no válidos. Si igb_poll() se ejecuta mientras se reinicia el controlador, esto puede hacer que el controlador intente liberar un skb que ya estaba liberado. (El fallo es más difícil de reproducir con el controlador igb, pero existe el mismo problema potencial ya que el código es idéntico al de igc)

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-21 CVE Reserved
2024-05-21 CVE Published
2024-05-22 EPSS Updated
2024-09-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (7)

URL	Tag	Source
https://git.kernel.org/stable/c/7cc6fd4c60f267e17b0baef1580d7a6258c0a6f0	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/d7367f781e5a9ca5df9082b15b272b55e76931f8	2021-07-28
https://git.kernel.org/stable/c/d3ccb18ed5ac3283c7b31ecc685b499e580d5492	2021-07-28
https://git.kernel.org/stable/c/88e0720133d42d34851c8721cf5f289a50a8710f	2021-07-28
https://git.kernel.org/stable/c/f153664d8e70c11d0371341613651e1130e20240	2021-07-28
https://git.kernel.org/stable/c/8e24c12f2ff6d32fd9f057382f08e748ec97194c	2021-07-28
https://git.kernel.org/stable/c/7b292608db23ccbbfbfa50cdb155d01725d7a52e	2021-07-01

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 4.14.241 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 4.14.241"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 4.19.199 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 4.19.199"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 5.4.136 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.4.136"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 5.10.54 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.10.54"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 5.13.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.13.6"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 5.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.14"		en		Affected