State Issues in Linux kernel - CVE-2021-47086
Published: May 8, 2024 / Updated: May 14, 2025
Vulnerability identifier: #VU89260
CSH Severity: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-47086
CWE-ID: CWE-371
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect handling of the socket state within the pep_ioctl() function in net/phonet/pep.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install updates from vendor's website.
External links
- https://git.kernel.org/stable/c/0bbdd62ce9d44f3a22059b3d20a0df977d9f6d59
- https://git.kernel.org/stable/c/b10c7d745615a092a50c2e03ce70446d2bec2aca
- https://git.kernel.org/stable/c/311601f114859d586d5ef8833d60d3aa23282161
- https://git.kernel.org/stable/c/982b6ba1ce626ef87e5c29f26f2401897554f235
- https://git.kernel.org/stable/c/48c76fc53582e7f13c1e0b11c916e503256c4d0b
- https://git.kernel.org/stable/c/52ad5da8e316fa11e3a50b3f089aa63e4089bf52
- https://git.kernel.org/stable/c/53ccdc73eedaf0e922c45b569b797d2796fbaafa
- https://git.kernel.org/stable/c/75a2f31520095600f650597c0ac41f48b5ba0068
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.260
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.223
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.297
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.295
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.89
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.12
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.169