CVE-2021-47150

MEDIUM

Linux Kernel 3.18-4.19.192 - Use-After-Free in fec_enet_init()

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: net: fec: fix the potential memory leak in fec_enet_init() If the memory allocated for cbd_base is failed, it should free the memory allocated for the queues, otherwise it causes memory leak. And if the memory allocated for the queues is failed, it can return error directly.

References (5)

Core 5

Core References

Patch

https://git.kernel.org/stable/c/15102886bc8f5f29daaadf2d925591d564c17e9f

Patch

https://git.kernel.org/stable/c/20255d41ac560397b6a07d8d87dcc5e2efc7672a

Patch

https://git.kernel.org/stable/c/8ee7ef4a57a9e1228b6f345aaa70aa8951c7e9cd

Patch

https://git.kernel.org/stable/c/32a1777fd113335c3f70dc445dffee0ad1c6870f

Patch

https://git.kernel.org/stable/c/619fee9eb13b5d29e4267cb394645608088c28a8

Scores

CVSS v3 5.5

EPSS 0.0022

EPSS Percentile 12.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-401

Status published

Products (14)

Linux/Linux < 3.18

Linux/Linux 3.18

Linux/Linux 4.19.193 - 4.19.*

Linux/Linux 5.10.42 - 5.10.*

Linux/Linux 5.12.9 - 5.12.*

Linux/Linux 5.13

Linux/Linux 5.4.124 - 5.4.*

Linux/Linux 59d0f746564495c7f54526674deabfcf101236a1 - 15102886bc8f5f29daaadf2d925591d564c17e9f

Linux/Linux 59d0f746564495c7f54526674deabfcf101236a1 - 20255d41ac560397b6a07d8d87dcc5e2efc7672a

Linux/Linux 59d0f746564495c7f54526674deabfcf101236a1 - 32a1777fd113335c3f70dc445dffee0ad1c6870f

... and 4 more

Published Mar 25, 2024

Tracked Since Feb 18, 2026