Description

In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix use after free bugs After calling peak_usb_netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the peak_usb_netif_rx_ni(). Reordering the lines solves the issue.

INFO

Published Date :

2025-04-17T18:01:30.722Z

Last Modified :

2025-05-04T07:15:51.038Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2021-47670 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2021-47670.

URL Resource
https://git.kernel.org/stable/c/50aca891d7a554db0901b245167cd653d73aaa71 cve-icon cve-icon
https://git.kernel.org/stable/c/5408824636fa0dfedb9ecb0d94abd573131bfbbe cve-icon cve-icon
https://git.kernel.org/stable/c/ddd1416f44130377798c1430b76503513b7497c2 cve-icon cve-icon
https://git.kernel.org/stable/c/ec939c13c3fff2114479769c8380b7f1a54feca9 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025041734-CVE-2021-47670-2b77@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2021-47670 cve-icon
https://www.cve.org/CVERecord?id=CVE-2021-47670 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact