VIR Vulnerability Intelligence Relay

CVE-2021-47668

unknown
Published — · Modified —
CVSS v3
VIR risk

Description

In the Linux kernel, the following vulnerability has been resolved: can: dev: can_restart: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the netif_rx_ni() in: stats->rx_bytes += cf->len; Reordering the lines solves the issue.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

OS impact
OSVersionStatusFixed in
suse slesaffected
debian debianbookwormfixed5.10.12-1
debian debianbullseyefixed5.10.12-1
debian debianforkyfixed5.10.12-1
debian debiansidfixed5.10.12-1
debian debiantrixiefixed5.10.12-1

References

💬 Discuss CVE-2021-47668 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.