Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-47236

Опубликовано: 21 мая 2024
Источник: redhat
CVSS3: 5.1
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it by free orginal skb in eem_tx_fixup() first, then check skb clone status, if failed, return NULL to usbnet.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2024:435208.07.2024
Red Hat Enterprise Linux 8kernelFixedRHSA-2024:421102.07.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-402
https://bugzilla.redhat.com/show_bug.cgi?id=2282581kernel: net: cdc_eem: fix tx fixup skb leak

EPSS

Процентиль: 13%
0.00044
Низкий

5.1 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-47236

CVSS3: 5.5
ubuntu
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it by free orginal skb in eem_tx_fixup() first, then check skb clone status, if failed, return NULL to usbnet.

nvd логотип

CVE-2021-47236

CVSS3: 5.5
nvd
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it by free orginal skb in eem_tx_fixup() first, then check skb clone status, if failed, return NULL to usbnet.

debian логотип

CVE-2021-47236

CVSS3: 5.5
debian
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: n ...

github логотип

GHSA-3w59-vx6f-4274

CVSS3: 5.5
github
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it by free orginal skb in eem_tx_fixup() first, then check skb clone status, if failed, return NULL to usbnet.

oracle-oval логотип

ELSA-2024-12606

oracle-oval
10 месяцев назад

ELSA-2024-12606: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 13%
0.00044
Низкий

5.1 Medium

CVSS3