CVE-2021-47310

net: ti: fix UAF in tlan_remove_one

Severity Score

4.4

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it cannot be
used after free_netdev() call. Using priv after free_netdev()
can cause UAF bug. Fix it by moving free_netdev() at the end of the
function.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: ti: corrige UAF en tlan_remove_one priv son datos privados de netdev y no se pueden usar después de la llamada free_netdev(). Usar priv después de free_netdev() puede causar un error en UAF. Solucionarlo moviendo free_netdev() al final de la función.

A vulnerability was found in the Linux kernel's TI TLAN driver, where the tlan_remove_one function can lead to a use-after-free issue when the driver attempts to access private data after the network device has already been freed, potentially causing system instability or crash.

In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it cannot be used after free_netdev() call. Using priv after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the function.

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include double free and use-after-free vulnerabilities.

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-21 CVE Reserved
2024-05-21 CVE Published
2024-12-19 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-416: Use After Free

CAPEC

References (11)

URL	Tag	Source
https://git.kernel.org/stable/c/1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/a18a8d9cfbb112ad72e625372849adc3986fd6bf	2021-07-28
https://git.kernel.org/stable/c/c263ae8c7e4c482387de5e6c89e213f8173fe8b6	2021-07-28
https://git.kernel.org/stable/c/0538b0ab7d2c396e385694228c7cdcd2d2c514e9	2021-07-28
https://git.kernel.org/stable/c/a0a817b2d308fac090a05cbbe80988e073ac5193	2021-07-28
https://git.kernel.org/stable/c/b7e5563f2a7862a9e4796abb9908b092f677e3c1	2021-07-25
https://git.kernel.org/stable/c/f2a062fcfe1d6f1b0a86fa76ae21c277d65f4405	2021-07-25
https://git.kernel.org/stable/c/93efab0ef2a607fff9166d447c4035f98b5db342	2021-07-25
https://git.kernel.org/stable/c/0336f8ffece62f882ab3012820965a786a983f70	2021-07-09

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2021-47310	2024-07-23
https://bugzilla.redhat.com/show_bug.cgi?id=2282472	2024-07-23

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.10 < 4.4.277 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.10 < 4.4.277"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.10 < 4.9.277 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.10 < 4.9.277"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.10 < 4.14.241 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.10 < 4.14.241"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.10 < 4.19.199 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.10 < 4.19.199"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.10 < 5.4.135 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.10 < 5.4.135"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.10 < 5.10.53 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.10 < 5.10.53"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.10 < 5.13.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.10 < 5.13.5"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.10 < 5.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.10 < 5.14"		en		Affected