CVE-2021-47668

Description

In the Linux kernel, the following vulnerability has been resolved: can: dev: can_restart: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the netif_rx_ni() in: stats->rx_bytes += cf->len; Reordering the lines solves the issue.

Reserved 2025-04-16 | Published 2025-04-17 | Updated 2025-05-04 | Assigner Linux

Product status

Default status
unaffected

39549eef3587f1c1e8c65c88a2400d10fd30ea17 before 260925a0b7d2da5449f8ecfd02c1405e0c8a45b8
affected

39549eef3587f1c1e8c65c88a2400d10fd30ea17 before bbc6847b9b8978b520f62fbc7c68c54ef0f8d282
affected

39549eef3587f1c1e8c65c88a2400d10fd30ea17 before 92668d28c7e6a7a2ba07df287669ffcdf650c421
affected

39549eef3587f1c1e8c65c88a2400d10fd30ea17 before 08ab951787098ae0b6c0364aeea7a8138226f234
affected

39549eef3587f1c1e8c65c88a2400d10fd30ea17 before ac48ef15826e83f4206c47add61072e8fc76d328
affected

39549eef3587f1c1e8c65c88a2400d10fd30ea17 before 593c072b7b3c4d7044416eb039d9ad706bedd67a
affected

39549eef3587f1c1e8c65c88a2400d10fd30ea17 before 03f16c5075b22c8902d2af739969e878b0879c94
affected

Default status
affected

2.6.31
affected

Any version before 2.6.31
unaffected

4.4.254
unaffected

4.9.254
unaffected

4.14.218
unaffected

4.19.171
unaffected

5.4.93
unaffected

5.10.11
unaffected

5.11
unaffected

References

git.kernel.org/...c/260925a0b7d2da5449f8ecfd02c1405e0c8a45b8

git.kernel.org/...c/bbc6847b9b8978b520f62fbc7c68c54ef0f8d282

git.kernel.org/...c/92668d28c7e6a7a2ba07df287669ffcdf650c421

git.kernel.org/...c/08ab951787098ae0b6c0364aeea7a8138226f234

git.kernel.org/...c/ac48ef15826e83f4206c47add61072e8fc76d328

git.kernel.org/...c/593c072b7b3c4d7044416eb039d9ad706bedd67a

git.kernel.org/...c/03f16c5075b22c8902d2af739969e878b0879c94

cve.org (CVE-2021-47668)

nvd.nist.gov (CVE-2021-47668)

Download JSON