CVE-2021-47235
Published: May 21, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: fix potential use-after-free in ec_bhf_remove

```c
static void ec_bhf_remove(struct pci_dev *dev)
{
...
	struct ec_bhf_priv *priv = netdev_priv(net_dev);

	unregister_netdev(net_dev);
	free_netdev(net_dev);

	pci_iounmap(dev, priv->dma_io);
	pci_iounmap(dev, priv->io);
...
}
```

priv is netdev private data, but it is used after free_netdev(). It can cause use-after-free when accessing priv pointer. So, fix it by moving free_netdev() after pci_iounmap() calls.
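Why the ordering matters, shown as an added example that is not part of the CVE record or the kernel source: a user-space C model in which the private data shares one allocation with the device object, as netdev_priv() data does in the kernel. All `model_*` names are hypothetical, and the model "free" only poisons the memory so the stale read stays well-defined.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed user-space model of the ec_bhf_remove() teardown order; every
 * model_* name is hypothetical and stands in for the kernel call it mimics. */
struct model_priv { uintptr_t io, dma_io; };
struct model_netdev { void *ops; };
static char bar0[8], bar2[8];            /* stand-ins for the two mapped regions */

/* Like alloc_etherdev(): the private area lives in the same allocation. */
static struct model_netdev *model_alloc(void) {
    struct model_netdev *d = calloc(1, sizeof(*d) + sizeof(struct model_priv));
    if (!d) abort();
    struct model_priv *p = (struct model_priv *)(d + 1);
    p->io = (uintptr_t)bar0;
    p->dma_io = (uintptr_t)bar2;
    return d;
}

/* Like netdev_priv(): a pointer into the device allocation, not a separate one. */
static struct model_priv *model_priv_of(struct model_netdev *d) {
    return (struct model_priv *)(d + 1);
}

/* Like free_netdev(), but quarantines instead of releasing so the stale read
 * below stays defined; 0x6b mirrors the kernel's slab POISON_FREE byte. */
static void model_free_netdev(struct model_netdev *d) {
    memset(model_priv_of(d), 0x6b, sizeof(struct model_priv));
}

/* Like pci_iounmap(): returns 1 when handed an address that was never mapped. */
static int model_iounmap(uintptr_t addr) {
    return !(addr == (uintptr_t)bar0 || addr == (uintptr_t)bar2);
}

/* Runs the teardown in the pre-fix or fixed order; returns the bad unmap count. */
static int model_remove(int fixed_order) {
    struct model_netdev *d = model_alloc();
    struct model_priv *priv = model_priv_of(d);
    int bad = 0;
    if (!fixed_order) model_free_netdev(d);   /* pre-fix: free before unmap */
    bad += model_iounmap(priv->dma_io);
    bad += model_iounmap(priv->io);
    if (fixed_order) model_free_netdev(d);    /* fix: free after both unmaps */
    free(d);                                  /* drain the quarantine */
    return bad;
}
```

In the pre-fix order both unmap calls receive poisoned values read from the already-freed private area; in the fixed order they receive the addresses that were mapped.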
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected 6af55ff52b02d492d45db88df3e461fa51a6f753 - < db2bc3cfd2bc01621014d4f17cdfc74611f339c8; affected 6af55ff52b02d492d45db88df3e461fa51a6f753 - < 1cafc540b7bf1b6a5a77dc000205fe337ef6eba6; affected 6af55ff52b02d492d45db88df3e461fa51a6f753 - < b1ad283755095a4b9d1431aeb357d7df1a33d3bb; affected 6af55ff52b02d492d45db88df3e461fa51a6f753 - < 0260916843cc74f3906acf8b6f256693e01530a2; affected 6af55ff52b02d492d45db88df3e461fa51a6f753 - < 19f88ca68ccf8771276a606765239b167654f84a; +3 more versions |
| Linux | Linux | affected 3.15; unaffected 0 - < 3.15; unaffected 4.4.274 - <= 4.4.*; unaffected 4.9.274 - <= 4.9.*; unaffected 4.14.238 - <= 4.14.*; +5 more versions |