Lucene search
Redhat.comRH:CVE-2021-47235HistoryMay 23, 2024 - 2:01 p.m.
CVE-2021-47235
2024-05-2314:01:38
redhat.com
access.redhat.com
6
linux kernel
cve-2021-47235
use-after-free
ethernet
net
pci_iounmap
priv pointer
mitigation
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: fix potential use-after-free in ec_bhf_remove static void ec_bhf_remove(struct pci_dev *dev) { … struct ec_bhf_priv *priv = netdev_priv(net_dev); unregister_netdev(net_dev); free_netdev(net_dev); pci_iounmap(dev, priv->dma_io); pci_iounmap(dev, priv->io); … } priv is netdev private data, but it is used after free_netdev(). It can cause use-after-free when accessing priv pointer. So, fix it by moving free_netdev() after pci_iounmap() calls.
Mitigation
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
Related
vulnrichment
vulnrichment
CVE-2021-47235 net: ethernet: fix potential use-after-free in ec_bhf_remove
2024-05-21 14:19:37
ubuntucve
ubuntucve
CVE-2021-47235
2024-05-21 00:00:00
nvd
nvd
CVE-2021-47235
2024-05-21 15:15:12
debiancve
debiancve
CVE-2021-47235
2024-05-21 15:15:12
osv
osv
CVE-2021-47235
2024-05-21 15:15:00
Security update for the Linux Kernel
2024-06-12 16:39:35
Security update for the Linux Kernel
2024-06-11 07:41:39
cvelist
cvelist
CVE-2021-47235 net: ethernet: fix potential use-after-free in ec_bhf_remove
2024-05-21 14:19:37
cve
cve
CVE-2021-47235
2024-05-21 15:15:12
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:2185-1)
2024-06-29 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:1979-1)
2024-06-12 00:00:00
nessus
nessus
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1979-1)
2024-06-12 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1983-1)
2024-06-12 00:00:00
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:2184-1)
2024-06-25 00:00:00