How severe is CVE-2021-47293?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2021-47293?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2021-47293

HIGH Year: 2021

CVSS v3 Score

7.8

High

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: Skip non-Ethernet packets Currently tcf_skbmod_act() assumes that packets use Ethernet as their L2 protocol, which is not always the case. As an example, for CAN devices: $ ip link add dev vcan0 type vcan $ ip link set up vcan0 $ tc qdisc add dev vcan0 root handle 1: htb $ tc filter add dev vcan0 parent 1: protocol ip prio 10 \ matchall action skbmod swap mac Doing the above silently corrupts all the packets. Do not perform skbmod actions for non-Ethernet packets.

CVE-2006-4663

HIGH

CVSS:7.8(High)

The source code tar archive of the Linux kernel 2.6.16, 2.6.17.11, and possibly other versions specifies weak permissions (0666 and 0777) for certain files and directories, which might allow local use...

NVD-CWE-Other2006

CVE-2006-6165

HIGH

CVSS:7.8(High)

ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variabl...

NVD-CWE-Other2006

CVE-2007-0257

HIGH

CVSS:7.8(High)

Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating ...

NVD-CWE-Other2007

CVE-2009-1123

HIGH

CVSS:7.8(High)

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows ...

NVD-CWE-Other2009

CVE-2010-0188

HIGH

CVSS:7.8(High)

Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unk...

NVD-CWE-Other2010

CVE-2010-0232

HIGH

CVSS:7.8(High)

The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold an...

NVD-CWE-Other2010

CVE-2021-47293

Vulnerability Description

Related Vulnerabilities

CVE-2006-4663

CVE-2006-6165

CVE-2007-0257

CVE-2009-1123

CVE-2010-0188

CVE-2010-0232