CVE-2021-47291

Advisory lineage Upstream: 0 Downstream: 46

Downstream

DEBIAN-CVE-2021-47291 SUSE-SU-2024:2893-1 SUSE-SU-2024:2923-1 SUSE-SU-2024:2948-1 SUSE-SU-2024:3641-1 SUSE-SU-2024:3642-1

Analyzed

Published: 21 May 2024, 14:35

Last modified:11 May 2026, 13:51

Vulnerability Summary

Overall Risk (default)

medium

28/100

CVSS Score

7.1 HIGH

v3.1 (nvd)

EPSS Score

0.02% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

21 May 2024, 14:35

Published

Vulnerability first disclosed

11 May 2026, 13:51

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While running the self-tests on a KASAN enabled kernel, I observed a slab-out-of-bounds splat very similar to the one reported in commit 821bbf79fe46 ("ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions"). We additionally need to take care of fib6_metrics initialization failure when the caller provides an nh. The fix is similar, explicitly free the route instead of calling fib6_info_release on a half-initialized object.

CVSS Metrics

v3.1•HIGH•Score: 7.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

EPSS Trends

Current EPSS score: 0.02%• Percentile: 4%

Techniques & Countermeasures

CWE-125•Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

Affected Systems

linux•linux
≥ f88d8ea67fbdbac7a64bfa6ed9a2ba27bb822f74, < 830251361425c5be044db4d826aaf304ea3d14c6 | ≥ f88d8ea67fbdbac7a64bfa6ed9a2ba27bb822f74, < ce8fafb68051fba52546f8bbe8621f7641683680 | ≥ f88d8ea67fbdbac7a64bfa6ed9a2ba27bb822f74, < 115784bcccf135c3a3548098153413d76f16aae0 | ≥ f88d8ea67fbdbac7a64bfa6ed9a2ba27bb822f74, < 8fb4792f091e608a0a1d353dfdf07ef55a719db5 | 5.3
linux•linux_kernel
≥ 5.3, < 5.4.136 | ≥ 5.5, < 5.10.54 | ≥ 5.11, < 5.13.6 | 5.14:rc1 | 5.14:rc2