VYPR
High severity8.4NVD Advisory· Published May 21, 2024· Updated Jun 17, 2026

CVE-2021-47232

CVE-2021-47232

Description

In the Linux kernel, the following vulnerability has been resolved:

can: j1939: fix Use-after-Free, hold skb ref while in use

This patch fixes a Use-after-Free found by the syzbot.

The problem is that a skb is taken from the per-session skb queue, without incrementing the ref count. This leads to a Use-after-Free if the skb is taken concurrently from the session queue due to a CTS.

Affected products

2
  • Linux/Kernelllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 5.4

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.