Vulnerabilities > Use After Free
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-21 | CVE-2021-47299 | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: xdp, net: Fix use-after-free in bpf_xdp_link_release The problem occurs between dev_get_by_index() and dev_xdp_attach_link(). At this point, dev_xdp_uninstall() is called. | 5.5 |
| 2024-05-21 | CVE-2021-47301 | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning the TX ring. Failure to do so can cause invalid memory accesses. | 7.8 |
| 2024-05-21 | CVE-2021-47302 | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: igc: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning the TX ring. Failure to do so can cause invalid memory accesses. | 7.8 |
| 2024-05-21 | CVE-2021-47303 | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bpf: Track subprog poke descriptors correctly and fix use-after-free Subprograms are calling map_poke_track(), but on program release there is no hook to call map_poke_untrack(). | 7.8 |
| 2024-05-21 | CVE-2021-47306 | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: fddi: fix UAF in fza_probe fp is netdev private data and it cannot be used after free_netdev() call. | 7.8 |
| 2024-05-21 | CVE-2021-47310 | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it cannot be used after free_netdev() call. | 7.8 |
| 2024-05-21 | CVE-2021-47311 | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and it cannot be used after free_netdev() call. | 7.8 |
| 2024-05-21 | CVE-2021-47318 | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: arch_topology: Avoid use-after-free for scale_freq_data Currently topology_scale_freq_tick() (which gets called from scheduler_tick()) may end up using a pointer to "struct scale_freq_data", which was previously cleared by topology_clear_scale_freq_source(), as there is no protection in place here. | 7.8 |
| 2024-05-21 | CVE-2021-47321 | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling del_timer_sync() This driver's remove path calls del_timer(). | 7.8 |
| 2024-05-21 | CVE-2021-47328 | Use After Free vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix conn use after free during resets If we haven't done a unbind target call we can race where iscsi_conn_teardown wakes up the EH thread and then frees the conn while those threads are still accessing the conn ehwait. We can only do one TMF per session so this just moves the TMF fields from the conn to the session. | 7.8 |