Vulnerability Details : CVE-2021-47143
In the Linux kernel, the following vulnerability has been resolved:
net/smc: remove device from smcd_dev_list after failed device_add()
If the device_add() for a smcd_dev fails, there's no cleanup step that
rolls back the earlier list_add(). The device subsequently gets freed,
and we end up with a corrupted list.
Add some error handling that removes the device from the list.
Products affected by CVE-2021-47143
Please log in to view affected product information.
Exploit prediction scoring system (EPSS) score for CVE-2021-47143
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 13 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-47143
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
N/A
|
N/A
|
RedHat-CVE-2021-47143 | 2024-03-25 |
References for CVE-2021-47143
-
https://git.kernel.org/stable/c/444d7be9532dcfda8e0385226c862fd7e986f607
net/smc: remove device from smcd_dev_list after failed device_add() - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/8b2cdc004d21a7255f219706dca64411108f7897
net/smc: remove device from smcd_dev_list after failed device_add() - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/40588782f1016c655ae1d302892f61d35af96842
net/smc: remove device from smcd_dev_list after failed device_add() - kernel/git/stable/linux.git - Linux kernel stable tree
Jump to