Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

WS-2021-0557

Good to know:

icon

Date: December 19, 2021

net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.7 by commit 75917372eef0dbfb290ae45474314d35f97aea18, it was introduced in version v4.7 by commit ec25bc04ed8e12947738468cbe2191f1529f9e39. For more details please see the references link.

Language: C

Severity Score

Related Resources (2)

https://github.com/gregkh/linux/commit/75917372eef0dbfb290ae45474314d35f97aea18
https://www.mend.io/vulnerability-database/WS-2021-0557

Severity Score

Weakness Type (CWE)

Improper Control of Generation of Code ('Code Injection')

CWE-94

Top Fix

icon

Upgrade Version

Upgrade to version linux-yocto - 4.10+gitAUTOINC+805ea440c7_b259a5d744;linux-libc-headers - 5.14

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): HIGH

Do you need more information?

Contact Us