#VU92358 Improper locking in Linux kernel - CVE-2021-47574
Published: June 20, 2024 / Updated: May 13, 2025
Vulnerability identifier: #VU92358
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-47574
CWE-ID: CWE-667
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the xennet_open(), xennet_tx_buf_gc(), xennet_close(), xennet_get_extras(), xennet_fill_frags(), __skb_queue_tail(), xennet_set_features(), setup_netfront_single(), setup_netfront_split() and xennet_init_queue() functions in drivers/net/xen-netfront.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
External links
- https://git.kernel.org/stable/c/81900aa7d7a130dec4c55b68875e30fb8c9effec
- https://git.kernel.org/stable/c/99120c8230fdd5e8b72a6e4162db9e1c0a61954a
- https://git.kernel.org/stable/c/4bf81386e3d6e5083c93d51eff70260bcec091bb
- https://git.kernel.org/stable/c/3559ca594f15fcd23ed10c0056d40d71e5dab8e5
- https://git.kernel.org/stable/c/3e68d099f09c260a7dee28b99af02fe6977a9e66
- https://git.kernel.org/stable/c/d31b3379179d64724d3bbfa87bd4ada94e3237de
- https://git.kernel.org/stable/c/a29c8b5226eda52e6d6ff151d9343558ea3ad451
- https://git.kernel.org/stable/c/b27d47950e481f292c0a5ad57357edb9d95d03ba
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.259
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.222
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.296
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.294
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.88
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.11
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.168