CVE-2021-47311

net: qcom/emac: fix UAF in emac_remove

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

net: qcom/emac: fix UAF in emac_remove

adpt is netdev private data and it cannot be
used after free_netdev() call. Using adpt after free_netdev()
can cause UAF bug. Fix it by moving free_netdev() at the end of the
function.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: qcom/emac: corrige UAF en emac_remove adpt son datos privados de netdev y no se pueden usar después de la llamada a free_netdev(). Usar adpt después de free_netdev() puede causar un error en UAF. Solucionadlo moviendo free_netdev() al final de la función.

A vulnerability was found in the Linux kernel's Qualcomm EMAC driver, where the emac_remove function can lead to a use-after-free issue when the driver tries to access data after the network device has been freed, causing instability and a crash in the network subsystem.

*Credits: N/A

CVSS Scores

Red Hatv3.1 5.5

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-21 CVE Reserved
2024-05-21 CVE Published
2024-05-22 EPSS Updated
2024-08-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-416: Use After Free

CAPEC

References (10)

URL	Tag	Source
https://git.kernel.org/stable/c/54e19bc74f3380d414681762ceed9f7245bc6a6e	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/4d04a42b926e682140776e54188f4a44f1f01a81	2021-07-28
https://git.kernel.org/stable/c/b1e091331920f8fbfc747dcbd16263fcd71abb2d	2021-07-28
https://git.kernel.org/stable/c/11e9d163d631198bb3eb41a677a61b499516c0f7	2021-07-28
https://git.kernel.org/stable/c/2b70ca92847c619d6264c7372ef74fcbfd1e048c	2021-07-25
https://git.kernel.org/stable/c/b560521eca03d0a2db6093a5a632cbdd0a0cf833	2021-07-25
https://git.kernel.org/stable/c/8a225a6e07a57a1538d53637cb3d82bd3e477839	2021-07-25
https://git.kernel.org/stable/c/ad297cd2db8953e2202970e9504cab247b6c7cb4	2021-07-09

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2021-47311	2024-08-13
https://bugzilla.redhat.com/show_bug.cgi?id=2282471	2024-08-13

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 4.9.277 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 4.9.277"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 4.14.241 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 4.14.241"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 4.19.199 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 4.19.199"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 5.4.135 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 5.4.135"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 5.10.53 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 5.10.53"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 5.13.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 5.13.5"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 5.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 5.14"		en		Affected