How severe is CVE-2021-47224?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.2 out of 10.

What type of vulnerability is CVE-2021-47224?

This is classified as CWE-416, which is a common weakness in software security.

CVE-2021-47224 - MEDIUM Severity | CVSS 6.2

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: Make sure to free skb when it is completely used With the skb pointer piggy-backed on the TX BD, we have a simple and efficient way to free the skb buffer when the frame has been transmitted. But in order to avoid freeing the skb while there are still fragments from the skb in use, we need to piggy-back on the TX BD of the skb, not the first. Without this, we are doing use-after-free on the DMA side, when the first BD of a multi TX BD packet is seen as completed in xmit_done, and the remaining BDs are still being processed.

Related Vulnerabilities

CVE-2018-14619

MEDIUM

CVSS:6.2(Medium)

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed...

CWE-4162018

CVE-2021-47375

MEDIUM

CVSS:6.2(Medium)

In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blk_trace access after removing by sysfs There is an use-after-free problem triggered by following process: P1(...

CWE-4162021

CVE-2022-48674

MEDIUM

CVSS:6.2(Medium)

In the Linux kernel, the following vulnerability has been resolved: erofs: fix pcluster use-after-free on UP platforms During stress testing with CONFIG_SMP disabled, KASAN reports as below: =========...

CWE-4162022

CVE-2022-48686

MEDIUM

CVSS:6.2(Medium)

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from the io_work loop when we set rd_enabled to true, so we don't...

CWE-4162022

CVE-2023-52838

MEDIUM

CVSS:6.2(Medium)

In the Linux kernel, the following vulnerability has been resolved: fbdev: imsttfb: fix a resource leak in probe I've re-written the error handling but the bug is that if init_imstt() fails we need to...

CWE-4162023

CVE-2024-25385

MEDIUM

CVSS:6.2(Medium)

An issue in flvmeta v.1.2.2 allows a local attacker to cause a denial of service via the flvmeta/src/flv.c:375:21 function in flv_close.

CWE-4162024