Bug 2293230 (CVE-2021-47596) - CVE-2021-47596 kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
Summary: CVE-2021-47596 kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
Keywords:
Status: NEW
Alias: CVE-2021-47596
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2293209
TreeView+ depends on / blocked
 
Reported: 2024-06-20 10:40 UTC by Avinash Hanwate
Modified: 2024-09-27 17:04 UTC (History)
5 users (show)

Fixed In Version: kernel 5.10.88, kernel 5.15.11, kernel 5.16
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in the Linux kernel's HNS3 network driver related to a use-after-free condition in the hclgevf_send_mbx_msg function. The issue occurs when the hns3_remove function uninstalls a client instance before uninstalling the acceleration engine device, leading to access of freed memory during the device's uninstall process, resulting in system crash.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2024:4691 0 None None None 2024-07-22 06:55:35 UTC
Red Hat Product Errata RHSA-2024:4533 0 None None None 2024-07-15 05:12:39 UTC
Red Hat Product Errata RHSA-2024:4554 0 None None None 2024-07-15 21:23:52 UTC
Red Hat Product Errata RHSA-2024:4583 0 None None None 2024-07-17 00:48:31 UTC

Description Avinash Hanwate 2024-06-20 10:40:49 UTC
In the Linux kernel, the following vulnerability has been resolved:

net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg

The Linux kernel CVE team has assigned CVE-2021-47596 to this issue.

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024061920-CVE-2021-47596-cd94@gregkh/T

Comment 6 errata-xmlrpc 2024-07-15 05:12:37 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:4533 https://access.redhat.com/errata/RHSA-2024:4533

Comment 7 errata-xmlrpc 2024-07-15 21:23:51 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:4554 https://access.redhat.com/errata/RHSA-2024:4554

Comment 8 errata-xmlrpc 2024-07-17 00:48:30 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:4583 https://access.redhat.com/errata/RHSA-2024:4583


Note You need to log in before you can comment on or make changes to this bug.