Use After Free in Linux
CVE-2021-47196
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Set send and receive CQ before forwarding to the driver Preset both receive and send CQ pointers prior to call to the drivers and overwrite it later again til…
Vulnerability class: Use-After-Free
EPSS: 0.002 (12.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Linux — versions 514aee660df493cd673154a6ba6bab745ec47b8c, 5.15, 0
- Linux Linux_kernel — versions 5.16
Weakness classification (CWE)
References
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (Patch, Mailing List)
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (Patch, Mailing List)
Frequently asked questions
- What is CVE-2021-47196?
- CVE-2021-47196 is a high-severity vulnerability in Linux, classified under Use After Free. CVSS score: 7.8/10. Published 2024-04-10.
- How severe is CVE-2021-47196?
- High severity. CVSS v3 base score is 7.8 out of 10.