CVE-2021-47232

high

Description

In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix Use-after-Free, hold skb ref while in use This patch fixes a Use-after-Free found by the syzbot. The problem is that a skb is taken from the per-session skb queue, without incrementing the ref count. This leads to a Use-after-Free if the skb is taken concurrently from the session queue due to a CTS.

References

https://git.kernel.org/stable/c/509ab6bfdd0c76daebbad0f0af07da712116de22

https://git.kernel.org/stable/c/22cba878abf646cd3a02ee7c8c2cef7afe66a256

https://git.kernel.org/stable/c/2030043e616cab40f510299f09b636285e0a3678

https://git.kernel.org/stable/c/1071065eeb33d32b7d98c2ce7591881ae7381705

Details

Source: Mitre, NVD

Published: 2024-05-21

Updated: 2024-07-03

Risk Information

CVSS v2

Base Score: 9.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.4

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High