AI Score
Confidence
Low
EPSS
Percentile
15.5%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
In the Linux kernel, the following vulnerability has been resolved:
can: j1939: fix Use-after-Free, hold skb ref while in use
This patch fixes a Use-after-Free found by the syzbot.
The problem is that a skb is taken from the per-session skb queue,
without incrementing the ref count. This leads to a Use-after-Free if
the skb is taken concurrently from the session queue due to a CTS.
[
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "affected",
"version": "9d71dd0c7009",
"lessThan": "22cba878abf6 ",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "affected",
"version": "9d71dd0c7009",
"lessThan": " 509ab6bfdd0c ",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "affected",
"version": "9d71dd0c7009",
"lessThan": "1071065eeb33 ",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "affected",
"version": "9d71dd0c7009",
"lessThan": "2030043e616c ",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "unaffected",
"version": "5.4.128",
"lessThan": "5.5",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "unaffected",
"version": " 5.10.46",
"lessThan": "5.11",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "unaffected",
"version": "5.12.13",
"lessThan": "5.13",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "unaffected",
"version": "5.13"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "unaffected",
"version": "0",
"lessThan": "5.4",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:5.4:-:*:*:*:*:*:*"
],
"vendor": "linux",
"product": "linux_kernel",
"versions": [
{
"status": "affected",
"version": "5.4"
}
],
"defaultStatus": "unknown"
}
]