CVE-2021-47668
- Source
- https://cve.org/CVERecord?id=CVE-2021-47668
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47668.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-47668
- Downstream
- Related
- Published
- 2025-04-17T18:15:43.623Z
- Modified
- 2026-03-13T05:18:12.860651Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
can: dev: can_restart: fix use after free bug
After calling netifrxni(skb), dereferencing skb is unsafe. Especially, the canframe cf which aliases skb memory is accessed after the netifrxni() in: stats->rxbytes += cf->len;
Reordering the lines solves the issue.
- References
-
- https://git.kernel.org/stable/c/260925a0b7d2da5449f8ecfd02c1405e0c8a45b8
- https://git.kernel.org/stable/c/593c072b7b3c4d7044416eb039d9ad706bedd67a
- https://git.kernel.org/stable/c/92668d28c7e6a7a2ba07df287669ffcdf650c421
- https://git.kernel.org/stable/c/ac48ef15826e83f4206c47add61072e8fc76d328
- https://git.kernel.org/stable/c/bbc6847b9b8978b520f62fbc7c68c54ef0f8d282
- https://git.kernel.org/stable/c/03f16c5075b22c8902d2af739969e878b0879c94
- https://git.kernel.org/stable/c/08ab951787098ae0b6c0364aeea7a8138226f234
Affected packages
Git /
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "2.6.31"
},
{
"fixed": "4.4.254"
}
]
},
{
"events": [
{
"introduced": "4.5"
},
{
"fixed": "4.9.254"
}
]
},
{
"events": [
{
"introduced": "4.10"
},
{
"fixed": "4.14.218"
}
]
},
{
"events": [
{
"introduced": "4.15"
},
{
"fixed": "4.19.171"
}
]
},
{
"events": [
{
"introduced": "4.20"
},
{
"fixed": "5.4.93"
}
]
},
{
"events": [
{
"introduced": "5.5"
},
{
"fixed": "5.10.11"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "5.11-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "5.11-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "5.11-rc3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "5.11-rc4"
}
]
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47668.json"