CVE-2021-47082

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Mar 4, 2024
Updated: Jan 14, 2025
CWE ID 415

Summary

CVE-2021-47082 is a vulnerability in the tun driver of the Linux kernel. The issue is a double free in the tun_free_netdev() function, resolved by moving the dev->tstats and tun->security allocations into a new ndo_init routine (tun_net_init()). Pairing the initialization routine with the destruction routine ensures that any errors during device registration are handled appropriately. The vulnerability was identified as a double-free or invalid-free error in selinux_tun_dev_free_security, triggered by a call to slab_free. The affected kernel version is 5.16.0-rc2-syzk.
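
The ownership problem behind this fix, as a user-space C model added here (not the kernel's code or the upstream patch). All names are hypothetical, and the model assumes the pre-fix caller also released the allocations on its own error path after registration failed.

```c
#include <stdio.h>
#include <stdlib.h>

/* User-space model with hypothetical names; not kernel code. */
struct model_dev {
    void *stats;                      /* stands in for dev->tstats and tun->security */
    int releases;                     /* cleanup attempts made on stats */
    int (*init)(struct model_dev *);  /* plays the role of ndo_init */
};

/* Destructor role. A second release would be the double free: count it, skip it. */
static void model_destructor(struct model_dev *d)
{
    if (d->releases++ == 0)
        free(d->stats);
}

static int model_init(struct model_dev *d)
{
    return (d->stats = malloc(16)) ? 0 : -1;  /* nothing to undo on failure */
}

static int model_register(struct model_dev *d, int fail_late)
{
    if (d->init && d->init(d) != 0)
        return -1;
    if (fail_late)
        model_destructor(d);          /* a failed registration runs the destructor */
    return fail_late ? -1 : 0;
}

/* Returns the number of release attempts for one setup/teardown cycle. */
static int run_cycle(int alloc_in_init, int fail_late)
{
    struct model_dev d = { 0 };
    if (alloc_in_init)
        d.init = model_init;          /* after the fix: init owns the allocation */
    else if (!(d.stats = malloc(16))) /* before the fix: caller allocates */
        return -1;
    /* Normal teardown, or the assumed pre-fix caller error path releasing again. */
    if (model_register(&d, fail_late) == 0 || !alloc_in_init)
        model_destructor(&d);
    return d.releases;
}

int main(void)
{
    printf("before fix: %d releases, after fix: %d\n", run_cycle(0, 1), run_cycle(1, 1));
    return 0;
}
```

A release count of 2 on the failed-registration path is the double free; with the allocation owned by the init routine, every path ends with exactly one release.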
