Unrated severityNVD Advisory· Published Apr 17, 2025· Updated May 4, 2025

can: vxcan: vxcan_xmit: fix use after free bug

CVE-2021-47669

Description

In the Linux kernel, the following vulnerability has been resolved:

After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the canfd_frame cfd which aliases skb memory is accessed after the netif_rx_ni().

Affected products

Linux/Kernelllm-fuzzy
osv-coords51 versions
pkg:rpm/suse/kernel-64kb&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.1 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.2 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/kernel-default&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP3 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.1 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.2 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5 pkg:rpm/suse/kernel-docs&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_57&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/kernel-preempt&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2 pkg:rpm/suse/kernel-source&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2 pkg:rpm/suse/kernel-syms&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_68&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
< 5.3.18-150300.59.204.1+ 50 more
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1.150300.18.122.1
- (no CPE)range: < 5.3.18-150300.59.204.1.150300.18.122.1
- (no CPE)range: < 5.3.18-150300.59.204.1.150300.18.122.1
- (no CPE)range: < 5.3.18-150300.59.204.1.150300.18.122.1
- (no CPE)range: < 5.3.18-150300.59.204.1.150300.18.122.1
- (no CPE)range: < 5.3.18-150300.59.204.1.150300.18.122.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 4.12.14-122.258.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 4.12.14-122.258.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 4.12.14-122.258.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 1-150300.7.3.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.208.1
- (no CPE)range: < 5.3.18-150300.208.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 4.12.14-122.258.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 4.12.14-122.258.1
- (no CPE)range: < 5.3.18-150300.208.1
- (no CPE)range: < 5.3.18-150300.208.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 4.12.14-122.258.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 4.12.14-122.258.1
- (no CPE)range: < 5.3.18-150300.59.204.1
- (no CPE)range: < 1-8.3.1
Linux/Linuxcpe-rescue
Range: 4.12

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000