| The vulnerability, tracked as CVE-2021-47311, is a use-after-free (UAF) bug in the `emac_remove` function of the Qualcomm Ethernet MAC (EMAC) driver in the Linux kernel. The UAF occurs because the `adpt` variable, which is private netdev data, cannot be used after the `free_netdev()` call. Using `adpt` after `free_netdev()` can cause a UAF bug. |
| |
| The fix involves moving the `free_netdev()` call to the end of the function, ensuring that `adpt` is not accessed after it has been freed. This vulnerability was introduced in kernel version 4.9 with commit 54e19bc74f33 and was fixed in various subsequent kernel versions, including 4.9.277, 4.14.241, 4.19.199, 5.4.135, 5.10.53, 5.13.5, and 5.14. |
| |
| The affected file is `drivers/net/ethernet/qualcomm/emac/emac.c`. The Linux kernel CVE team recommends updating to the latest stable kernel version to resolve this issue, as well as other bugfixes. Individual changes can be found in the specified commits, but cherry-picking individual commits is not recommended or supported by the Linux kernel community. |
| |
