vulnerability

Ubuntu: (Multiple Advisories) (CVE-2021-47235): Linux kernel vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:S/C:C/I:C/A:C)	May 21, 2024	Nov 19, 2024	Aug 18, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

May 21, 2024

Added

Nov 19, 2024

Modified

Aug 18, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: fix potential use-after-free in ec_bhf_remove

static void ec_bhf_remove(struct pci_dev *dev)
{
...
struct ec_bhf_priv *priv = netdev_priv(net_dev);

unregister_netdev(net_dev);
free_netdev(net_dev);

pci_iounmap(dev, priv->dma_io);
pci_iounmap(dev, priv->io);
...
}

priv is netdev private data, but it is used
after free_netdev(). It can cause use-after-free when accessing priv
pointer. So, fix it by moving free_netdev() after pci_iounmap()
calls.

Solutions

ubuntu-upgrade-linux-image-4-4-0-1112-fipsubuntu-upgrade-linux-image-4-4-0-1142-awsubuntu-upgrade-linux-image-4-4-0-1143-kvmubuntu-upgrade-linux-image-4-4-0-1180-awsubuntu-upgrade-linux-image-4-4-0-267-genericubuntu-upgrade-linux-image-4-4-0-267-lowlatencyubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-fipsubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-lts-xenialubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-lts-xenialubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-lts-xenial

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today