CVE - CVE-2021-47555

CVE-ID
CVE-2021-47555	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the real_dev refcnt Inject error before dev_hold(real_dev) in register_vlan_dev(), and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100 link dummy1 type vlan id 100 ip link del dev dummy1 When the dummy netdevice is removed, we will get a WARNING as following: ======================================================================= refcount_t: decrement hit 0; leaking memory. WARNING: CPU: 2 PID: 0 at lib/refcount.c:31 refcount_warn_saturate+0xbf/0x1e0 and an endless loop of: ======================================================================= unregister_netdevice: waiting for dummy1 to become free. Usage count = -1073741824 That is because dev_put(real_dev) in vlan_dev_free() be called without dev_hold(real_dev) in register_vlan_dev(). It makes the refcnt of real_dev underflow. Move the dev_hold(real_dev) to vlan_dev_init() which is the call-back of ndo_init(). That makes dev_hold() and dev_put() for vlan's real_dev symmetrical.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/01d9cc2dea3fde3bad6d27f464eff463496e2b00 URL:https://git.kernel.org/stable/c/01d9cc2dea3fde3bad6d27f464eff463496e2b00 MISC:https://git.kernel.org/stable/c/5e44178864b38dd70b877985abd7d86fdb95f27d URL:https://git.kernel.org/stable/c/5e44178864b38dd70b877985abd7d86fdb95f27d MISC:https://git.kernel.org/stable/c/6e800ee43218a56acc93676bbb3d93b74779e555 URL:https://git.kernel.org/stable/c/6e800ee43218a56acc93676bbb3d93b74779e555 MISC:https://git.kernel.org/stable/c/f7fc72a508cf115c273a7a29350069def1041890 URL:https://git.kernel.org/stable/c/f7fc72a508cf115c273a7a29350069def1041890
Assigning CNA
kernel.org
Date Record Created
20240524	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240524)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)