CVE-2021-46991

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix use-after-free in i40e_client_subtask() Currently the call to i40e_client_del_instance frees the object pf->cinst, however pf->cinst->lan_info is being accessed after the free. Fix this by adding the missing return. Addresses-Coverity: ("Read from pointer after free")

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/1fd5d262e7442192ac7611ff1597a36c5b044323	Patch
https://git.kernel.org/stable/c/38318f23a7ef86a8b1862e5e8078c4de121960c3	Patch
https://git.kernel.org/stable/c/4ebc10aa7cd17fd9857dedac69600465c9dd16d1	Patch
https://git.kernel.org/stable/c/829a713450b8fb127cbabfc1244c1d8179ec5107	Patch
https://git.kernel.org/stable/c/c1322eaeb8af0d8985b5cc5fa759140fa0e57b84	Patch
https://git.kernel.org/stable/c/d718c15a2bf9ae082d5ae4d177fb19ef23cb4132	Patch
https://git.kernel.org/stable/c/1fd5d262e7442192ac7611ff1597a36c5b044323	Patch
https://git.kernel.org/stable/c/38318f23a7ef86a8b1862e5e8078c4de121960c3	Patch
https://git.kernel.org/stable/c/4ebc10aa7cd17fd9857dedac69600465c9dd16d1	Patch
https://git.kernel.org/stable/c/829a713450b8fb127cbabfc1244c1d8179ec5107	Patch
https://git.kernel.org/stable/c/c1322eaeb8af0d8985b5cc5fa759140fa0e57b84	Patch
https://git.kernel.org/stable/c/d718c15a2bf9ae082d5ae4d177fb19ef23cb4132	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

06 Dec 2024, 15:27

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/1fd5d262e7442192ac7611ff1597a36c5b044323 -~~	() https://git.kernel.org/stable/c/1fd5d262e7442192ac7611ff1597a36c5b044323 - Patch
References	~~() https://git.kernel.org/stable/c/38318f23a7ef86a8b1862e5e8078c4de121960c3 -~~	() https://git.kernel.org/stable/c/38318f23a7ef86a8b1862e5e8078c4de121960c3 - Patch
References	~~() https://git.kernel.org/stable/c/4ebc10aa7cd17fd9857dedac69600465c9dd16d1 -~~	() https://git.kernel.org/stable/c/4ebc10aa7cd17fd9857dedac69600465c9dd16d1 - Patch
References	~~() https://git.kernel.org/stable/c/829a713450b8fb127cbabfc1244c1d8179ec5107 -~~	() https://git.kernel.org/stable/c/829a713450b8fb127cbabfc1244c1d8179ec5107 - Patch
References	~~() https://git.kernel.org/stable/c/c1322eaeb8af0d8985b5cc5fa759140fa0e57b84 -~~	() https://git.kernel.org/stable/c/c1322eaeb8af0d8985b5cc5fa759140fa0e57b84 - Patch
References	~~() https://git.kernel.org/stable/c/d718c15a2bf9ae082d5ae4d177fb19ef23cb4132 -~~	() https://git.kernel.org/stable/c/d718c15a2bf9ae082d5ae4d177fb19ef23cb4132 - Patch
CWE		CWE-416
CPE		cpe:2.3:o:linux:linux_kernel::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
First Time		Linux linux Kernel Linux

21 Nov 2024, 06:35

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i40e: Se corrige use-after-free en i40e_client_subtask() Actualmente la llamada a i40e_client_del_instance libera el objeto pf->cinst, sin embargo se accede a pf->cinst->lan_info después de gratis. Solucione este problema agregando la declaración que falta. Direcciones-Cobertura: ("Leer desde el puntero después de estar libre")
References	~~() https://git.kernel.org/stable/c/1fd5d262e7442192ac7611ff1597a36c5b044323 -~~	() https://git.kernel.org/stable/c/1fd5d262e7442192ac7611ff1597a36c5b044323 -
References	~~() https://git.kernel.org/stable/c/38318f23a7ef86a8b1862e5e8078c4de121960c3 -~~	() https://git.kernel.org/stable/c/38318f23a7ef86a8b1862e5e8078c4de121960c3 -
References	~~() https://git.kernel.org/stable/c/4ebc10aa7cd17fd9857dedac69600465c9dd16d1 -~~	() https://git.kernel.org/stable/c/4ebc10aa7cd17fd9857dedac69600465c9dd16d1 -
References	~~() https://git.kernel.org/stable/c/829a713450b8fb127cbabfc1244c1d8179ec5107 -~~	() https://git.kernel.org/stable/c/829a713450b8fb127cbabfc1244c1d8179ec5107 -
References	~~() https://git.kernel.org/stable/c/c1322eaeb8af0d8985b5cc5fa759140fa0e57b84 -~~	() https://git.kernel.org/stable/c/c1322eaeb8af0d8985b5cc5fa759140fa0e57b84 -
References	~~() https://git.kernel.org/stable/c/d718c15a2bf9ae082d5ae4d177fb19ef23cb4132 -~~	() https://git.kernel.org/stable/c/d718c15a2bf9ae082d5ae4d177fb19ef23cb4132 -

28 Feb 2024, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-02-28 09:15

Updated : 2024-12-06 15:27

NVD link : CVE-2021-46991

Mitre link : CVE-2021-46991

CVE.ORG link : CVE-2021-46991

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-416

Use After Free

7.8 /10