CVE-2021-46998
HIGHLinux Kernel 4.16-4.19.191 - Use-After-Free in enic_hard_start_xmit
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: ethernet:enic: Fix a use after free bug in enic_hard_start_xmit In enic_hard_start_xmit, it calls enic_queue_wq_skb(). Inside enic_queue_wq_skb, if some error happens, the skb will be freed by dev_kfree_skb(skb). But the freed skb is still used in skb_tx_timestamp(skb). My patch makes enic_queue_wq_skb() return error and goto spin_unlock() incase of error. The solution is provided by Govind. See https://lkml.org/lkml/2021/4/30/961.
References (6)
Core 6
Core References
Scores
CVSS v3
7.8
EPSS
0.0024
EPSS Percentile
15.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-416
Status
published
Products (15)
Linux/Linux
< 4.16
Linux/Linux
4.16
Linux/Linux
4.19.191 - 4.19.*
Linux/Linux
5.10.38 - 5.10.*
Linux/Linux
5.11.22 - 5.11.*
Linux/Linux
5.12.5 - 5.12.*
Linux/Linux
5.13
Linux/Linux
5.4.120 - 5.4.*
Linux/Linux
fb7516d42478ebc8e2f00efb76ef96f7b68fd8d3 - 25a87b1f566b5eb2af2857a928f0e2310d900976
Linux/Linux
fb7516d42478ebc8e2f00efb76ef96f7b68fd8d3 - 643001b47adc844ae33510c4bb93c236667008a3
... and 5 more
Published
Feb 28, 2024
Tracked Since
Feb 18, 2026