CVE-2021-47311

net: qcom/emac: fix UAF in emac_remove

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and it cannot be
used after free_netdev() call. Using adpt after free_netdev()
can cause UAF bug. Fix it by moving free_netdev() at the end of the
function.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: qcom/emac: corrige UAF en emac_remove adpt son datos privados de netdev y no se pueden usar después de la llamada a free_netdev(). Usar adpt después de free_netdev() puede causar un error en UAF. Solucionadlo moviendo free_netdev() al final de la función.

A vulnerability was found in the Linux kernel's Qualcomm EMAC driver, where the emac_remove function can lead to a use-after-free issue when the driver tries to access data after the network device has been freed, causing instability and a crash in the network subsystem.

In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and it cannot be used after free_netdev() call. Using adpt after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the function.

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include memory leak, null pointer, spoofing, and use-after-free vulnerabilities.

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-21 CVE Reserved
2024-05-21 CVE Published
2024-12-19 CVE Updated
2025-03-18 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-416: Use After Free

CAPEC

References (10)

URL	Tag	Source
https://git.kernel.org/stable/c/54e19bc74f3380d414681762ceed9f7245bc6a6e	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/4d04a42b926e682140776e54188f4a44f1f01a81	2021-07-28
https://git.kernel.org/stable/c/b1e091331920f8fbfc747dcbd16263fcd71abb2d	2021-07-28
https://git.kernel.org/stable/c/11e9d163d631198bb3eb41a677a61b499516c0f7	2021-07-28
https://git.kernel.org/stable/c/2b70ca92847c619d6264c7372ef74fcbfd1e048c	2021-07-25
https://git.kernel.org/stable/c/b560521eca03d0a2db6093a5a632cbdd0a0cf833	2021-07-25
https://git.kernel.org/stable/c/8a225a6e07a57a1538d53637cb3d82bd3e477839	2021-07-25
https://git.kernel.org/stable/c/ad297cd2db8953e2202970e9504cab247b6c7cb4	2021-07-09

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2021-47311	2024-08-13
https://bugzilla.redhat.com/show_bug.cgi?id=2282471	2024-08-13

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 4.9.277 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 4.9.277"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 4.14.241 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 4.14.241"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 4.19.199 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 4.19.199"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 5.4.135 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 5.4.135"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 5.10.53 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 5.10.53"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 5.13.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 5.13.5"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.9 < 5.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 5.14"		en		Affected