Unrated severityNVD Advisory· Published Feb 28, 2024· Updated May 4, 2025

ethernet:enic: Fix a use after free bug in enic_hard_start_xmit

CVE-2021-46998

Description

In the Linux kernel, the following vulnerability has been resolved:

In enic_hard_start_xmit, it calls enic_queue_wq_skb(). Inside enic_queue_wq_skb, if some error happens, the skb will be freed by dev_kfree_skb(skb). But the freed skb is still used in skb_tx_timestamp(skb).

My patch makes enic_queue_wq_skb() return error and goto spin_unlock() incase of error. The solution is provided by Govind. See https://lkml.org/lkml/2021/4/30/961.

Affected products

osv-coords89 versions
pkg:rpm/suse/kernel-64kb&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.1 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.2 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/kernel-default&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP2 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP3 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.1 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.2 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5 pkg:rpm/suse/kernel-docs&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_47&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2 pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_43&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 pkg:rpm/suse/kernel-preempt&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/kernel-syms&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_56&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
< 5.3.18-150300.59.158.1+ 88 more
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 4.12.14-16.182.1
- (no CPE)range: < 4.12.14-16.182.1
- (no CPE)range: < 5.3.18-150300.59.158.1.150300.18.92.5
- (no CPE)range: < 5.3.18-150200.24.188.1.150200.9.95.3
- (no CPE)range: < 5.3.18-150300.59.158.1.150300.18.92.5
- (no CPE)range: < 5.3.18-150300.59.158.1.150300.18.92.5
- (no CPE)range: < 5.3.18-150300.59.158.1.150300.18.92.5
- (no CPE)range: < 5.3.18-150200.24.188.1.150200.9.95.3
- (no CPE)range: < 5.3.18-150300.59.158.1.150300.18.92.5
- (no CPE)range: < 5.3.18-150200.24.188.1.150200.9.95.3
- (no CPE)range: < 5.3.18-150300.59.158.1.150300.18.92.5
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 1-150200.5.3.3
- (no CPE)range: < 1-150300.7.3.5
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 4.12.14-10.182.1
- (no CPE)range: < 5.3.18-150300.166.1
- (no CPE)range: < 5.3.18-150300.166.1
- (no CPE)range: < 4.12.14-10.182.1
- (no CPE)range: < 4.12.14-16.182.1
- (no CPE)range: < 4.12.14-16.182.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150300.166.1
- (no CPE)range: < 5.3.18-150300.166.1
- (no CPE)range: < 4.12.14-10.182.1
- (no CPE)range: < 4.12.14-16.182.1
- (no CPE)range: < 4.12.14-16.182.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 5.3.18-150200.24.188.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 4.12.14-10.182.1
- (no CPE)range: < 5.3.18-150300.59.158.1
- (no CPE)range: < 1-8.3.1
Linux/Linuxcpe-rescue
Range: 4.16

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000