In the Linux kernel, the following vulnerability has been resolved:
net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
Currently, the hns3_remove function firstly uninstall client instance,
and then uninstall acceletion engine device. The netdevice is freed in
client instance uninstall process, but acceletion engine device uninstall
process still use it to trace runtime information. This causes a use after
free problem.
So fixes it by check the instance register state to avoid use after free.
Metrics
Affected Vendors & Products
References
History
Wed, 11 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 19 Aug 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
Vendors & Products |
Linux
Linux linux Kernel |
|
Metrics |
cvssV3_1
|
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-06-19T14:53:58.243Z
Updated: 2024-09-11T17:34:52.130Z
Reserved: 2024-05-24T15:11:00.733Z
Link: CVE-2021-47596
Vulnrichment
Updated: 2024-09-11T12:42:26.422Z
NVD
Status : Analyzed
Published: 2024-06-19T15:15:54.197
Modified: 2024-08-19T18:22:13.667
Link: CVE-2021-47596
Redhat