CVE - CVE-2021-47236

CVE-ID
CVE-2021-47236	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it by free orginal skb in eem_tx_fixup() first, then check skb clone status, if failed, return NULL to usbnet.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/05b2b9f7d24b5663d9b47427fe1555bdafd3ea02 URL:https://git.kernel.org/stable/c/05b2b9f7d24b5663d9b47427fe1555bdafd3ea02 MISC:https://git.kernel.org/stable/c/14184ec5c958b589ba934da7363a2877879204df URL:https://git.kernel.org/stable/c/14184ec5c958b589ba934da7363a2877879204df MISC:https://git.kernel.org/stable/c/1bcacd6088d61c0ac6a990d87975600a81f3247e URL:https://git.kernel.org/stable/c/1bcacd6088d61c0ac6a990d87975600a81f3247e MISC:https://git.kernel.org/stable/c/81de2ed06df8b5451e050fe6a318af3263dbff3f URL:https://git.kernel.org/stable/c/81de2ed06df8b5451e050fe6a318af3263dbff3f MISC:https://git.kernel.org/stable/c/b4f7a9fc9d094c0c4a66f2ad7c37b1dbe9e78f88 URL:https://git.kernel.org/stable/c/b4f7a9fc9d094c0c4a66f2ad7c37b1dbe9e78f88 MISC:https://git.kernel.org/stable/c/c3b26fdf1b32f91c7a3bc743384b4a298ab53ad7 URL:https://git.kernel.org/stable/c/c3b26fdf1b32f91c7a3bc743384b4a298ab53ad7 MISC:https://git.kernel.org/stable/c/f12554b0ff639e74612cc01b3b4a049e098d2d65 URL:https://git.kernel.org/stable/c/f12554b0ff639e74612cc01b3b4a049e098d2d65 MISC:https://git.kernel.org/stable/c/f4e6a7f19c82f39b1803e91c54718f0d7143767d URL:https://git.kernel.org/stable/c/f4e6a7f19c82f39b1803e91c54718f0d7143767d
Assigning CNA
kernel.org
Date Record Created
20240410	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240410)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.