[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-46929":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":50,"related":51,"reserved_at":9,"published_at":63,"modified_at":64,"state":65,"summary":66,"references_raw":75,"kevs":102,"epss":103,"epss_history":106,"metrics":349,"affected":355},"CVE-2021-46929","In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: use call_rcu to free endpoint\n\nThis patch is to delay the endpoint free by calling call_rcu() to fix\nanother use-after-free issue in sctp_sock_dump():\n\n  BUG: KASAN: use-after-free in __lock_acquire+0x36d9/0x4c20\n  Call Trace:\n    __lock_acquire+0x36d9/0x4c20 kernel/locking/lockdep.c:3218\n    lock_acquire+0x1ed/0x520 kernel/locking/lockdep.c:3844\n    __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline]\n    _raw_spin_lock_bh+0x31/0x40 kernel/locking/spinlock.c:168\n    spin_lock_bh include/linux/spinlock.h:334 [inline]\n    __lock_sock+0x203/0x350 net/core/sock.c:2253\n    lock_sock_nested+0xfe/0x120 net/core/sock.c:2774\n    lock_sock include/net/sock.h:1492 [inline]\n    sctp_sock_dump+0x122/0xb20 net/sctp/diag.c:324\n    sctp_for_each_transport+0x2b5/0x370 net/sctp/socket.c:5091\n    sctp_diag_dump+0x3ac/0x660 net/sctp/diag.c:527\n    __inet_diag_dump+0xa8/0x140 net/ipv4/inet_diag.c:1049\n    inet_diag_dump+0x9b/0x110 net/ipv4/inet_diag.c:1065\n    netlink_dump+0x606/0x1080 net/netlink/af_netlink.c:2244\n    __netlink_dump_start+0x59a/0x7c0 net/netlink/af_netlink.c:2352\n    netlink_dump_start include/linux/netlink.h:216 [inline]\n    inet_diag_handler_cmd+0x2ce/0x3f0 net/ipv4/inet_diag.c:1170\n    __sock_diag_cmd net/core/sock_diag.c:232 [inline]\n    sock_diag_rcv_msg+0x31d/0x410 net/core/sock_diag.c:263\n    netlink_rcv_skb+0x172/0x440 net/netlink/af_netlink.c:2477\n    sock_diag_rcv+0x2a/0x40 net/core/sock_diag.c:274\n\nThis issue occurs when asoc is peeled off and the old sk is freed after\ngetting it by asoc->base.sk and before calling lock_sock(sk).\n\nTo prevent the sk free, as a holder of the sk, ep should be alive when\ncalling lock_sock(). This patch uses call_rcu() and moves sock_put and\nep free into sctp_endpoint_destroy_rcu(), so that it's safe to try to\nhold the ep under rcu_read_lock in sctp_transport_traverse_process().\n\nIf sctp_endpoint_hold() returns true, it means this ep is still alive\nand we have held it and can continue to dump it; If it returns false,\nit means this ep is dead and can be freed after rcu_read_unlock, and\nwe should skip it.\n\nIn sctp_sock_dump(), after locking the sk, if this ep is different from\ntsp->asoc->ep, it means during this dumping, this asoc was peeled off\nbefore calling lock_sock(), and the sk should be skipped; If this ep is\nthe same with tsp->asoc->ep, it means no peeloff happens on this asoc,\nand due to lock_sock, no peeloff will happen either until release_sock.\n\nNote that delaying endpoint free won't delay the port release, as the\nport release happens in sctp_endpoint_destroy() before calling call_rcu().\nAlso, freeing endpoint by call_rcu() makes it safe to access the sk by\nasoc->base.sk in sctp_assocs_seq_show() and sctp_rcv().\n\nThanks Jones to bring this issue up.\n\nv1->v2:\n  - improve the changelog.\n  - add kfree(ep) into sctp_endpoint_destroy_rcu(), as Jakub noticed.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48],{"_key":25},"SUSE-SU-2024:0856-1",{"_key":27},"SUSE-SU-2024:0857-1",{"_key":29},"SUSE-SU-2024:1321-1",{"_key":31},"SUSE-SU-2024:0925-1",{"_key":33},"SUSE-SU-2024:0926-1",{"_key":35},"SUSE-SU-2024:0975-1",{"_key":37},"SUSE-SU-2024:0976-1",{"_key":39},"SUSE-SU-2024:1320-1",{"_key":41},"SUSE-SU-2024:1466-1",{"_key":43},"SUSE-SU-2024:1480-1",{"_key":45},"SUSE-SU-2024:1490-1",{"_key":47},"DEBIAN-CVE-2021-46929",{"_key":49},"UBUNTU-CVE-2021-46929",[],[52,53,54,55,56,57,58,59,60,61,62],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},"2024-02-27T09:43:58.047Z","2026-05-11T13:44:37.844Z","Modified",{"cisa_kev":67,"cisa_ransomware":67,"cisa_vendor":9,"epss_severity":68,"epss_score":69,"severity":70,"severity_score":71,"severity_version":72,"severity_source":73,"severity_vector":74,"severity_status":65},false,"low",0.00012,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[76,82,86,90,94,98],{"url":77,"sources":78,"tags":80},"https://git.kernel.org/stable/c/8873140f95d4977bf37e4cf0d5c5e3f6e34cdd3e",[79,73],"cve.org",[81],"Patch",{"url":83,"sources":84,"tags":85},"https://git.kernel.org/stable/c/af6e6e58f7ebf86b4e7201694b1e4f3a62cbc3ec",[79,73],[81],{"url":87,"sources":88,"tags":89},"https://git.kernel.org/stable/c/831de271452b87657fcf8d715ee20519b79caef5",[79,73],[81],{"url":91,"sources":92,"tags":93},"https://git.kernel.org/stable/c/769d14abd35e0e153b5149c3e1e989a9d719e3ff",[79,73],[81],{"url":95,"sources":96,"tags":97},"https://git.kernel.org/stable/c/75799e71df1da11394740b43ae5686646179561d",[79,73],[81],{"url":99,"sources":100,"tags":101},"https://git.kernel.org/stable/c/5ec7d18d1813a5bead0b495045606c93873aecbb",[79,73],[81],[],{"date":104,"score":69,"percentile":105},"2026-06-03",0.01809,[107,110,113,116,119,122,125,128,131,134,137,140,143,145,148,152,155,158,161,164,167,170,173,175,178,181,184,187,189,192,195,198,201,204,207,209,212,215,218,220,222,224,226,228,230,233,236,238,240,243,246,248,251,253,255,258,260,262,265,268,270,273,276,279,281,284,286,289,292,294,297,299,301,304,307,310,313,316,319,322,324,327,330,333,335,337,339,341,343,346],{"date":108,"score":69,"percentile":109},"2025-11-04",0.01203,{"date":111,"score":69,"percentile":112},"2025-11-05",0.01222,{"date":114,"score":69,"percentile":115},"2025-11-06",0.01234,{"date":117,"score":69,"percentile":118},"2025-11-07",0.01236,{"date":120,"score":69,"percentile":121},"2025-11-08",0.01239,{"date":123,"score":69,"percentile":124},"2025-11-09",0.01237,{"date":126,"score":69,"percentile":127},"2025-11-10",0.01227,{"date":129,"score":69,"percentile":130},"2025-11-11",0.01231,{"date":132,"score":69,"percentile":133},"2025-11-12",0.01233,{"date":135,"score":69,"percentile":136},"2025-11-13",0.01238,{"date":138,"score":69,"percentile":139},"2025-11-14",0.01252,{"date":141,"score":69,"percentile":142},"2025-11-15",0.01267,{"date":144,"score":69,"percentile":142},"2025-11-16",{"date":146,"score":69,"percentile":147},"2025-11-17",0.01259,{"date":149,"score":150,"percentile":151},"2025-11-18",0.0009,0.21821,{"date":153,"score":150,"percentile":154},"2025-11-19",0.21833,{"date":156,"score":150,"percentile":157},"2025-11-20",0.21842,{"date":159,"score":69,"percentile":160},"2025-11-21",0.0131,{"date":162,"score":69,"percentile":163},"2025-11-22",0.01307,{"date":165,"score":69,"percentile":166},"2025-11-23",0.01295,{"date":168,"score":69,"percentile":169},"2025-11-24",0.01288,{"date":171,"score":69,"percentile":172},"2025-11-25",0.01283,{"date":174,"score":69,"percentile":112},"2025-11-26",{"date":176,"score":69,"percentile":177},"2025-11-27",0.0122,{"date":179,"score":69,"percentile":180},"2025-11-28",0.01225,{"date":182,"score":69,"percentile":183},"2025-11-29",0.0126,{"date":185,"score":69,"percentile":186},"2025-11-30",0.01269,{"date":188,"score":69,"percentile":166},"2025-12-01",{"date":190,"score":69,"percentile":191},"2025-12-02",0.01291,{"date":193,"score":69,"percentile":194},"2025-12-03",0.01296,{"date":196,"score":69,"percentile":197},"2025-12-04",0.0127,{"date":199,"score":69,"percentile":200},"2025-12-05",0.01286,{"date":202,"score":69,"percentile":203},"2025-12-06",0.01289,{"date":205,"score":69,"percentile":206},"2025-12-07",0.01287,{"date":208,"score":69,"percentile":206},"2025-12-08",{"date":210,"score":69,"percentile":211},"2025-12-09",0.013,{"date":213,"score":69,"percentile":214},"2025-12-10",0.01311,{"date":216,"score":69,"percentile":217},"2025-12-11",0.01302,{"date":219,"score":69,"percentile":217},"2025-12-12",{"date":221,"score":69,"percentile":169},"2025-12-13",{"date":223,"score":69,"percentile":200},"2025-12-14",{"date":225,"score":69,"percentile":172},"2025-12-15",{"date":227,"score":69,"percentile":169},"2025-12-16",{"date":229,"score":69,"percentile":169},"2025-12-17",{"date":231,"score":69,"percentile":232},"2025-12-18",0.01277,{"date":234,"score":69,"percentile":235},"2025-12-19",0.01281,{"date":237,"score":69,"percentile":235},"2025-12-20",{"date":239,"score":69,"percentile":191},"2025-12-21",{"date":241,"score":69,"percentile":242},"2025-12-22",0.01292,{"date":244,"score":69,"percentile":245},"2025-12-23",0.01293,{"date":247,"score":69,"percentile":166},"2025-12-24",{"date":249,"score":69,"percentile":250},"2025-12-25",0.01298,{"date":252,"score":69,"percentile":211},"2025-12-26",{"date":254,"score":69,"percentile":194},"2025-12-27",{"date":256,"score":69,"percentile":257},"2025-12-28",0.01294,{"date":259,"score":69,"percentile":200},"2025-12-29",{"date":261,"score":69,"percentile":235},"2025-12-30",{"date":263,"score":69,"percentile":264},"2025-12-31",0.01278,{"date":266,"score":69,"percentile":267},"2026-01-01",0.01299,{"date":269,"score":69,"percentile":245},"2026-01-02",{"date":271,"score":69,"percentile":272},"2026-01-03",0.01297,{"date":274,"score":69,"percentile":275},"2026-01-04",0.01268,{"date":277,"score":69,"percentile":278},"2026-01-05",0.01275,{"date":280,"score":69,"percentile":186},"2026-01-06",{"date":282,"score":69,"percentile":283},"2026-01-07",0.01274,{"date":285,"score":69,"percentile":169},"2026-01-08",{"date":287,"score":69,"percentile":288},"2026-01-09",0.01303,{"date":290,"score":69,"percentile":291},"2026-01-10",0.01312,{"date":293,"score":69,"percentile":160},"2026-01-11",{"date":295,"score":69,"percentile":296},"2026-01-12",0.01313,{"date":298,"score":69,"percentile":214},"2026-01-13",{"date":300,"score":69,"percentile":291},"2026-01-14",{"date":302,"score":69,"percentile":303},"2026-01-15",0.01323,{"date":305,"score":69,"percentile":306},"2026-01-16",0.01332,{"date":308,"score":69,"percentile":309},"2026-01-17",0.01336,{"date":311,"score":69,"percentile":312},"2026-01-18",0.01349,{"date":314,"score":69,"percentile":315},"2026-01-19",0.01339,{"date":317,"score":69,"percentile":318},"2026-01-20",0.01326,{"date":320,"score":69,"percentile":321},"2026-01-21",0.01321,{"date":323,"score":69,"percentile":303},"2026-01-22",{"date":325,"score":69,"percentile":326},"2026-01-23",0.01337,{"date":328,"score":69,"percentile":329},"2026-01-24",0.01341,{"date":331,"score":69,"percentile":332},"2026-01-25",0.0134,{"date":334,"score":69,"percentile":315},"2026-01-26",{"date":336,"score":69,"percentile":318},"2026-01-27",{"date":338,"score":69,"percentile":318},"2026-01-28",{"date":340,"score":69,"percentile":309},"2026-01-29",{"date":342,"score":69,"percentile":315},"2026-01-30",{"date":344,"score":69,"percentile":345},"2026-01-31",0.01354,{"date":347,"score":69,"percentile":348},"2026-02-01",0.01376,[350],{"source":73,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":351,"cvss_v4_0":9},{"baseScore":71,"baseSeverity":352,"vectorString":74,"impactScore":353,"exploitabilityScore":354},"MEDIUM",6,4.6,[356,385],{"ecosystem":9,"name":357,"vendor":358,"product":358,"cpe_part":359,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":360},"Linux","linux","a",[361,368,371,374,377,380,383],{"version":362,"is_range":363,"range_type":79,"version_start":364,"version_start_type":365,"version_end":366,"version_end_type":367,"fixed_in":9},">= d25adbeb0cdb860fb39e09cdd025e9cfc954c5ab, \u003C 8873140f95d4977bf37e4cf0d5c5e3f6e34cdd3e",true,"d25adbeb0cdb860fb39e09cdd025e9cfc954c5ab","including","8873140f95d4977bf37e4cf0d5c5e3f6e34cdd3e","excluding",{"version":369,"is_range":363,"range_type":79,"version_start":364,"version_start_type":365,"version_end":370,"version_end_type":367,"fixed_in":9},">= d25adbeb0cdb860fb39e09cdd025e9cfc954c5ab, \u003C af6e6e58f7ebf86b4e7201694b1e4f3a62cbc3ec","af6e6e58f7ebf86b4e7201694b1e4f3a62cbc3ec",{"version":372,"is_range":363,"range_type":79,"version_start":364,"version_start_type":365,"version_end":373,"version_end_type":367,"fixed_in":9},">= d25adbeb0cdb860fb39e09cdd025e9cfc954c5ab, \u003C 831de271452b87657fcf8d715ee20519b79caef5","831de271452b87657fcf8d715ee20519b79caef5",{"version":375,"is_range":363,"range_type":79,"version_start":364,"version_start_type":365,"version_end":376,"version_end_type":367,"fixed_in":9},">= d25adbeb0cdb860fb39e09cdd025e9cfc954c5ab, \u003C 769d14abd35e0e153b5149c3e1e989a9d719e3ff","769d14abd35e0e153b5149c3e1e989a9d719e3ff",{"version":378,"is_range":363,"range_type":79,"version_start":364,"version_start_type":365,"version_end":379,"version_end_type":367,"fixed_in":9},">= d25adbeb0cdb860fb39e09cdd025e9cfc954c5ab, \u003C 75799e71df1da11394740b43ae5686646179561d","75799e71df1da11394740b43ae5686646179561d",{"version":381,"is_range":363,"range_type":79,"version_start":364,"version_start_type":365,"version_end":382,"version_end_type":367,"fixed_in":9},">= d25adbeb0cdb860fb39e09cdd025e9cfc954c5ab, \u003C 5ec7d18d1813a5bead0b495045606c93873aecbb","5ec7d18d1813a5bead0b495045606c93873aecbb",{"version":384,"is_range":67,"range_type":79,"version_start":384,"version_start_type":365,"version_end":384,"version_end_type":365,"fixed_in":9},"4.14",{"ecosystem":9,"name":386,"vendor":358,"product":387,"cpe_part":388,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":389},"linux kernel","linux_kernel","o",[390,395,399,403,407],{"version":391,"is_range":363,"range_type":392,"version_start":393,"version_start_type":365,"version_end":394,"version_end_type":367,"fixed_in":9},"gte4.14.0_lt4.14.261","cpe","4.14.0","4.14.261",{"version":396,"is_range":363,"range_type":392,"version_start":397,"version_start_type":365,"version_end":398,"version_end_type":367,"fixed_in":9},"gte4.15.0_lt4.19.224","4.15.0","4.19.224",{"version":400,"is_range":363,"range_type":392,"version_start":401,"version_start_type":365,"version_end":402,"version_end_type":367,"fixed_in":9},"gte4.20.0_lt5.4.170","4.20.0","5.4.170",{"version":404,"is_range":363,"range_type":392,"version_start":405,"version_start_type":365,"version_end":406,"version_end_type":367,"fixed_in":9},"gte5.5.0_lt5.10.90","5.5.0","5.10.90",{"version":408,"is_range":363,"range_type":392,"version_start":409,"version_start_type":365,"version_end":410,"version_end_type":367,"fixed_in":9},"gte5.11.0_lt5.15.13","5.11.0","5.15.13"]