Showing 1 - 3 of 3

CVE-2021-47459

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv It will trigger UAF for rx_kref of j1939_priv as following. cpu0 cpu1 j1939_sk_bind(socket0, ndev0, ...) j1939_netdev_start j1939_sk_bind(socket1, ndev0, ...) j1939_netdev_start j1939_priv_set j1939_priv_get_by_ndev_locked j1939_jsk_add ..... j1939_netdev_stop kref_put_lock(&priv->rx_kref, ...) kref_get(&priv->rx_kref, ...) REFCOUNT_WARN("addition on 0;...") ==================================================== refcount_t: addition on 0; use-after-free. WARNING: CPU: 1 PID: 20874 at lib/refcount.c:25 refcount_warn_saturate+0x169/0x1e0 RIP: 0010:refcount_warn_saturate+0x169/0x1e0 Call Trace: j1939_netdev_start+0x68b/0x920 j1939_sk_bind+0x426/0xeb0 ? security_socket_bind+0x83/0xb0 The rx_kref's kref_get() and kref_put() should use j1939_netdev_lock to protect.

Related Files

Red Hat Security Advisory 2024-4928-03: Posted Jul 31, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-4928-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include a null pointer vulnerability.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2021-47459; SHA-256 | d85c1911157700d246f802349435694ee3fd873de2f76eb6b9c87f5544c9f2fe; Download | Favorite | View

Red Hat Security Advisory 2024-4831-03: Posted Jul 25, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-4831-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2021-47459; SHA-256 | 4aacf55bed991ae5915163002d4c0931d77b4416499746b7ff222256d1ceda5b; Download | Favorite | View

Red Hat Security Advisory 2024-4823-03: Posted Jul 25, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-4823-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include denial of service, double free, and information leakage vulnerabilities.; tags | advisory, denial of service, kernel, vulnerability; systems | linux, redhat; advisories | CVE-2021-47459; SHA-256 | bb2770371dedc5387519b73a580dddc764d46a102f08fa7e2a09adfa83d0b18c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 308 files
Ubuntu 67 files
Debian 24 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

CVE-2021-47459

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems