Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2021-47049
HistoryFeb 28, 2024 - 8:13 a.m.

CVE-2021-47049 Drivers: hv: vmbus: Use after free in __vmbus_open()

2024-02-2808:13:52
Linux
www.cve.org
linux kernel
vulnerability resolved
use after free
error handling
cve

0.0004 Low

EPSS

Percentile

15.6%

JSON

In the Linux kernel, the following vulnerability has been resolved:

Drivers: hv: vmbus: Use after free in __vmbus_open()

The “open_info” variable is added to the &vmbus_connection.chn_msg_list,
but the error handling frees “open_info” without removing it from the
list. This will result in a use after free. First remove it from the
list, and then free it.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/hv/channel.c"
    ],
    "versions": [
      {
        "version": "6f3d791f3006",
        "lessThan": "d5c7b42c9f56",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "6f3d791f3006",
        "lessThan": "f37dd5d1b5d3",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "6f3d791f3006",
        "lessThan": "2728f289b327",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "6f3d791f3006",
        "lessThan": "3e9bf43f7f7a",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/hv/channel.c"
    ],
    "versions": [
      {
        "version": "4.14",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "4.14",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.10.37",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.11.21",
        "lessThanOrEqual": "5.11.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.12.4",
        "lessThanOrEqual": "5.12.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.13",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

redhatcve 1
debiancve 1
nvd 1
ubuntucve 1
prion 1
cve 1
nessus 8
openvas 2
redhatcve
redhatcve
CVE-2021-47049
2024-02-29 11:02:36
debiancve
debiancve
CVE-2021-47049
2024-02-28 09:15:40
nvd
nvd
CVE-2021-47049
2024-02-28 09:15:40
ubuntucve
ubuntucve
CVE-2021-47049
2024-02-28 00:00:00
prion
prion
Spoofing
2024-02-28 09:15:00
cve
cve
CVE-2021-47049
2024-02-28 09:15:40
nessus
nessus
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-1592)
2024-05-09 00:00:00
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1454-1)
2024-04-29 00:00:00
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:1648-1)
2024-05-15 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1592)
2024-05-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:1643-1)
2024-05-15 00:00:00

0.0004 Low

EPSS

Percentile

15.6%

JSON
Related for CVELIST:CVE-2021-47049
redhatcve1debiancve1nvd1ubuntucve1prion1cve1nessus8openvas2