Use-after-free in Linux kernel intel igbvf driver
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2021-47589 |
| CWE-ID | CWE-416 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Linux kernel Operating systems & Components / Operating system |
| Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Use-after-free
EUVDB-ID: #VU92300
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47589
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the igbvf_probe() function in drivers/net/ethernet/intel/igbvf/netdev.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: 4.4 - 5.16 rc8
CPE2.3- cpe:2.3:o:linux_foundation:linux_kernel:4.4:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.0-57:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.2:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.3:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.4:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.5:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.6:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.7:*:*:*:*:*:*:*
https://git.kernel.org/stable/c/ffe1695b678729edec04037e691007900a2b2beb
https://git.kernel.org/stable/c/79d9b092035dcdbe636b70433149df9cc6db1e49
https://git.kernel.org/stable/c/8d0c927a9fb2b4065230936b77b54f857a3754fc
https://git.kernel.org/stable/c/cc9b655bb84f1be283293dfea94dff9a31b106ac
https://git.kernel.org/stable/c/8addba6cab94ce01686ea2e80ed1530f9dc33a9a
https://git.kernel.org/stable/c/74a16e062b23332d8db017ff4a41e16279c44411
https://git.kernel.org/stable/c/944b8be08131f5faf2cd2440aa1c24a39a163a54
https://git.kernel.org/stable/c/b6d335a60dc624c0d279333b22c737faa765b028
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.259
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.222
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.296
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.294
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.88
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.11
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.168
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
