CVE-2021-47293

Advisory lineage Upstream: 0 Downstream: 6
Analyzed
Published: 21 May 2024, 14:35
Last modified:11 May 2026, 13:51

Vulnerability Summary

Overall Risk (default)
medium
31/100
CVSS Score
7.8 HIGH
v3.1 (nvd)
EPSS Score
0.03% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

21 May 2024, 14:35
Published
Vulnerability first disclosed
11 May 2026, 13:51
Last Modified
Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: Skip non-Ethernet packets Currently tcf_skbmod_act() assumes that packets use Ethernet as their L2 protocol, which is not always the case. As an example, for CAN devices: $ ip link add dev vcan0 type vcan $ ip link set up vcan0 $ tc qdisc add dev vcan0 root handle 1: htb $ tc filter add dev vcan0 parent 1: protocol ip prio 10 \ matchall action skbmod swap mac Doing the above silently corrupts all the packets. Do not perform skbmod actions for non-Ethernet packets.

CVSS Metrics

  • v3.1HIGHScore: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Trends

Current EPSS score: 0.03% Percentile: 8%

Affected Systems

  • linuxlinux

    ≥ 86da71b57383d40993cb90baafb3735cffe5d800, < e4fdca366806f6bab374d1a95e626a10a3854b0c | ≥ 86da71b57383d40993cb90baafb3735cffe5d800, < a88414fb1117f2fe65fb88e45ba694e1d09d5024 | ≥ 86da71b57383d40993cb90baafb3735cffe5d800, < 071729150be9e1d1b851b70efb6d91ee9269d57b | ≥ 86da71b57383d40993cb90baafb3735cffe5d800, < 34f1e1f657fae2891b485a3b2b95fe4d2aef9f0d | ≥ 86da71b57383d40993cb90baafb3735cffe5d800, < 727d6a8b7ef3d25080fad228b2c4a1d4da5999c6 | 4.9

  • linuxlinux_kernel

    ≥ 4.9, < 4.19.199 | ≥ 4.20, < 5.4.136 | ≥ 5.5, < 5.10.54 | ≥ 5.11, < 5.13.6 | 5.14:rc1 | 5.14:rc2

References (5)