vulnerability
Red Hat: CVE-2021-47596: kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:L/Au:S/C:C/I:P/A:C) | Jun 19, 2024 | Jul 16, 2024 | Mar 27, 2026 |
Severity
6
CVSS
(AV:L/AC:L/Au:S/C:C/I:P/A:C)
Published
Jun 19, 2024
Added
Jul 16, 2024
Modified
Mar 27, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:
net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
Currently, the hns3_remove function firstly uninstall client instance,
and then uninstall acceletion engine device. The netdevice is freed in
client instance uninstall process, but acceletion engine device uninstall
process still use it to trace runtime information. This causes a use after
free problem.
So fixes it by check the instance register state to avoid use after free.
Solutions
redhat-upgrade-kernelredhat-upgrade-kernel-rt
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.