vulnerability

Debian: CVE-2021-47596: linux -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:S/C:C/I:C/A:C)	Jun 19, 2024	Jul 30, 2024	Mar 30, 2026

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

Jun 19, 2024

Added

Jul 30, 2024

Modified

Mar 30, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg

Currently, the hns3_remove function firstly uninstall client instance,
and then uninstall acceletion engine device. The netdevice is freed in
client instance uninstall process, but acceletion engine device uninstall
process still use it to trace runtime information. This causes a use after
free problem.

So fixes it by check the instance register state to avoid use after free.

Solution

debian-upgrade-linux

References

CVE-2021-47596
https://attackerkb.com/topics/CVE-2021-47596
CWE-416
EUVD-EUVD-2021-34598
https://euvd.enisa.europa.eu/vulnerability/EUVD-2021-34598

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report