CVE-2021-47248 - Vulnerability Details

Vendors	Products
Linux	Linux Kernel

Link	Providers
https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad
https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56
https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241
https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac
https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e
https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e
https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f
https://lore.kernel.org/linux-cve-announce/2024052143-CVE-2021-47248-2609@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2021-47248
https://www.cve.org/CVERecord?id=CVE-2021-47248

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:5.13:rc1:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc2:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc3:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc4:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc5:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc6::::::
Vendors & Products		Linux Linux linux Kernel
Metrics	cvssV3_1 `{'score': 5.8, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H'}`	cvssV3_1 `{'score': 4.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47248", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-04-10T18:59:19.536Z", "datePublished": "2024-05-21T14:19:45.588Z", "dateUpdated": "2025-05-04T07:07:06.760Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:07:06.760Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: fix race between close() and udp_abort()\n\nKaustubh reported and diagnosed a panic in udp_lib_lookup().\nThe root cause is udp_abort() racing with close(). Both\nracing functions acquire the socket lock, but udp{v6}_destroy_sock()\nrelease it before performing destructive actions.\n\nWe can't easily extend the socket lock scope to avoid the race,\ninstead use the SOCK_DEAD flag to prevent udp_abort from doing\nany action when the critical race happens.\n\nDiagnosed-and-tested-by: Kaustubh Pandey <kapandey@codeaurora.org>"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ipv4/udp.c", "net/ipv6/udp.c"], "versions": [{"version": "5d77dca82839ef016a93ad7acd7058b14d967752", "lessThan": "e3c36c773aed0fef8b1d3d555b43393ec564400f", "status": "affected", "versionType": "git"}, {"version": "5d77dca82839ef016a93ad7acd7058b14d967752", "lessThan": "a0882f68f54f7a8b6308261acee9bd4faab5a69e", "status": "affected", "versionType": "git"}, {"version": "5d77dca82839ef016a93ad7acd7058b14d967752", "lessThan": "2f73448041bd0682d4b552cfd314ace66107f1ad", "status": "affected", "versionType": "git"}, {"version": "5d77dca82839ef016a93ad7acd7058b14d967752", "lessThan": "5a88477c1c85e4baa51e91f2d40f2166235daa56", "status": "affected", "versionType": "git"}, {"version": "5d77dca82839ef016a93ad7acd7058b14d967752", "lessThan": "8729ec8a2238152a4afc212a331a6cd2c61aeeac", "status": "affected", "versionType": "git"}, {"version": "5d77dca82839ef016a93ad7acd7058b14d967752", "lessThan": "65310b0aff86980a011c7c7bfa487a333d4ca241", "status": "affected", "versionType": "git"}, {"version": "5d77dca82839ef016a93ad7acd7058b14d967752", "lessThan": "a8b897c7bcd47f4147d066e22cc01d1026d7640e", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ipv4/udp.c", "net/ipv6/udp.c"], "versions": [{"version": "4.9", "status": "affected"}, {"version": "0", "lessThan": "4.9", "status": "unaffected", "versionType": "semver"}, {"version": "4.9.274", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.238", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.196", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.128", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.46", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.12.13", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "4.9.274"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "4.14.238"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "4.19.196"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "5.4.128"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "5.10.46"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "5.12.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "5.13"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f"}, {"url": "https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e"}, {"url": "https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad"}, {"url": "https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56"}, {"url": "https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac"}, {"url": "https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241"}, {"url": "https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e"}], "title": "udp: fix race between close() and udp_abort()", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47248", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-23T18:04:43.420239Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:13:24.395Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:07.937Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e", "tags": ["x_transferred"]}]}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2021-47248 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-04-10T18:59:19.536Z (string)

datePublished : 2024-05-21T14:19:45.588Z (string)

dateUpdated : 2025-05-04T07:07:06.760Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T07:07:06.760Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: udp: fix race between close() and udp_abort() Kaustubh reported and diagnosed a panic in udp_lib_lookup(). The root cause is udp_abort() racing with close(). Both racing functions acquire the socket lock, but udp{v6}_destroy_sock() release it before performing destructive actions. We can't easily extend the socket lock scope to avoid the race, instead use the SOCK_DEAD flag to prevent udp_abort from doing any action when the critical race happens. Diagnosed-and-tested-by: Kaustubh Pandey <kapandey@codeaurora.org> (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : net/ipv4/udp.c (string)

1 : net/ipv6/udp.c (string)

]

versions : [ »

0 : { »

version : 5d77dca82839ef016a93ad7acd7058b14d967752 (string)

lessThan : e3c36c773aed0fef8b1d3d555b43393ec564400f (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : 5d77dca82839ef016a93ad7acd7058b14d967752 (string)

lessThan : a0882f68f54f7a8b6308261acee9bd4faab5a69e (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : 5d77dca82839ef016a93ad7acd7058b14d967752 (string)

lessThan : 2f73448041bd0682d4b552cfd314ace66107f1ad (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : 5d77dca82839ef016a93ad7acd7058b14d967752 (string)

lessThan : 5a88477c1c85e4baa51e91f2d40f2166235daa56 (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : 5d77dca82839ef016a93ad7acd7058b14d967752 (string)

lessThan : 8729ec8a2238152a4afc212a331a6cd2c61aeeac (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : 5d77dca82839ef016a93ad7acd7058b14d967752 (string)

lessThan : 65310b0aff86980a011c7c7bfa487a333d4ca241 (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : 5d77dca82839ef016a93ad7acd7058b14d967752 (string)

lessThan : a8b897c7bcd47f4147d066e22cc01d1026d7640e (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : net/ipv4/udp.c (string)

1 : net/ipv6/udp.c (string)

]

versions : [ »

0 : { »

version : 4.9 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 4.9 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 4.9.274 (string)

lessThanOrEqual : 4.9.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 4.14.238 (string)

lessThanOrEqual : 4.14.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 4.19.196 (string)

lessThanOrEqual : 4.19.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 5.4.128 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 5.10.46 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 5.12.13 (string)

lessThanOrEqual : 5.12.* (string)

status : unaffected (string)

versionType : semver (string)

}

8 : { »

version : 5.13 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.9 (string)

versionEndExcluding : 4.9.274 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.9 (string)

versionEndExcluding : 4.14.238 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.9 (string)

versionEndExcluding : 4.19.196 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.9 (string)

versionEndExcluding : 5.4.128 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.9 (string)

versionEndExcluding : 5.10.46 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.9 (string)

versionEndExcluding : 5.12.13 (string)

}

6 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.9 (string)

versionEndExcluding : 5.13 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f (string)

}

1 : { »

url : https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e (string)

}

2 : { »

url : https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad (string)

}

3 : { »

url : https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac (string)

}

5 : { »

url : https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e (string)

}

]

title : udp: fix race between close() and udp_abort() (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2021-47248 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-05-23T18:04:43.420239Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-04T17:13:24.395Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T05:32:07.937Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:07.937Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47248", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-23T18:04:43.420239Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T18:04:47.404Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "udp: fix race between close() and udp_abort()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5d77dca82839", "lessThan": "e3c36c773aed", "versionType": "git"}, {"status": "affected", "version": "5d77dca82839", "lessThan": "a0882f68f54f", "versionType": "git"}, {"status": "affected", "version": "5d77dca82839", "lessThan": "2f73448041bd", "versionType": "git"}, {"status": "affected", "version": "5d77dca82839", "lessThan": "5a88477c1c85", "versionType": "git"}, {"status": "affected", "version": "5d77dca82839", "lessThan": "8729ec8a2238", "versionType": "git"}, {"status": "affected", "version": "5d77dca82839", "lessThan": "65310b0aff86", "versionType": "git"}, {"status": "affected", "version": "5d77dca82839", "lessThan": "a8b897c7bcd4", "versionType": "git"}], "programFiles": ["net/ipv4/udp.c", "net/ipv6/udp.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.9"}, {"status": "unaffected", "version": "0", "lessThan": "4.9", "versionType": "semver"}, {"status": "unaffected", "version": "4.9.274", "versionType": "semver", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.238", "versionType": "semver", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.196", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.128", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.46", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.12.13", "versionType": "semver", "lessThanOrEqual": "5.12.*"}, {"status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/ipv4/udp.c", "net/ipv6/udp.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f"}, {"url": "https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e"}, {"url": "https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad"}, {"url": "https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56"}, {"url": "https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac"}, {"url": "https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241"}, {"url": "https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: fix race between close() and udp_abort()\n\nKaustubh reported and diagnosed a panic in udp_lib_lookup().\nThe root cause is udp_abort() racing with close(). Both\nracing functions acquire the socket lock, but udp{v6}_destroy_sock()\nrelease it before performing destructive actions.\n\nWe can't easily extend the socket lock scope to avoid the race,\ninstead use the SOCK_DEAD flag to prevent udp_abort from doing\nany action when the critical race happens.\n\nDiagnosed-and-tested-by: Kaustubh Pandey <kapandey@codeaurora.org>"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T12:02:15.957Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47248", "state": "PUBLISHED", "dateUpdated": "2024-11-04T12:02:15.957Z", "dateReserved": "2024-04-10T18:59:19.536Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-21T14:19:45.588Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T05:32:07.937Z (string)

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2021-47248 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-05-23T18:04:43.420239Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-05-23T18:04:47.404Z (string)

}

title : CISA ADP Vulnrichment (string)

}

]

cna : { »

title : udp: fix race between close() and udp_abort() (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 5d77dca82839 (string)

lessThan : e3c36c773aed (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 5d77dca82839 (string)

lessThan : a0882f68f54f (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 5d77dca82839 (string)

lessThan : 2f73448041bd (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : 5d77dca82839 (string)

lessThan : 5a88477c1c85 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : 5d77dca82839 (string)

lessThan : 8729ec8a2238 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : 5d77dca82839 (string)

lessThan : 65310b0aff86 (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : 5d77dca82839 (string)

lessThan : a8b897c7bcd4 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : net/ipv4/udp.c (string)

1 : net/ipv6/udp.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 4.9 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 4.9 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 4.9.274 (string)

versionType : semver (string)

lessThanOrEqual : 4.9.* (string)

}

3 : { »

status : unaffected (string)

version : 4.14.238 (string)

versionType : semver (string)

lessThanOrEqual : 4.14.* (string)

}

4 : { »

status : unaffected (string)

version : 4.19.196 (string)

versionType : semver (string)

lessThanOrEqual : 4.19.* (string)

}

5 : { »

status : unaffected (string)

version : 5.4.128 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

6 : { »

status : unaffected (string)

version : 5.10.46 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

7 : { »

status : unaffected (string)

version : 5.12.13 (string)

versionType : semver (string)

lessThanOrEqual : 5.12.* (string)

}

8 : { »

status : unaffected (string)

version : 5.13 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : net/ipv4/udp.c (string)

1 : net/ipv6/udp.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f (string)

}

1 : { »

url : https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e (string)

}

2 : { »

url : https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad (string)

}

3 : { »

url : https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac (string)

}

5 : { »

url : https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e (string)

}

]

x_generator : { »

engine : bippy-9e1c9544281a (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: udp: fix race between close() and udp_abort() Kaustubh reported and diagnosed a panic in udp_lib_lookup(). The root cause is udp_abort() racing with close(). Both racing functions acquire the socket lock, but udp{v6}_destroy_sock() release it before performing destructive actions. We can't easily extend the socket lock scope to avoid the race, instead use the SOCK_DEAD flag to prevent udp_abort from doing any action when the critical race happens. Diagnosed-and-tested-by: Kaustubh Pandey <kapandey@codeaurora.org> (string)

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2024-11-04T12:02:15.957Z (string)

}

cveMetadata : { »

cveId : CVE-2021-47248 (string)

state : PUBLISHED (string)

dateUpdated : 2024-11-04T12:02:15.957Z (string)

dateReserved : 2024-04-10T18:59:19.536Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-05-21T14:19:45.588Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B5A1555-2CC4-4652-AD96-3529D26B3447", "versionEndExcluding": "4.9.274", "versionStartIncluding": "4.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C3C0DBBF-0923-4D2A-9178-134691F9933F", "versionEndExcluding": "4.14.238", "versionStartIncluding": "4.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3CAB837-7D38-4934-AD4F-195CEFD754E6", "versionEndExcluding": "4.19.196", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6267BD4E-BE25-48B5-B850-4B493440DAFA", "versionEndExcluding": "5.4.128", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "59455D13-A902-42E1-97F7-5ED579777193", "versionEndExcluding": "5.10.46", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7806E7E5-6D4F-4E18-81C1-79B3C60EE855", "versionEndExcluding": "5.12.13", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*", "matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*", "matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*", "matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*", "matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*", "matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc6:*:*:*:*:*:*", "matchCriteriaId": "25A855BA-2118-44F2-90EF-EBBB12AF51EF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: fix race between close() and udp_abort()\n\nKaustubh reported and diagnosed a panic in udp_lib_lookup().\nThe root cause is udp_abort() racing with close(). Both\nracing functions acquire the socket lock, but udp{v6}_destroy_sock()\nrelease it before performing destructive actions.\n\nWe can't easily extend the socket lock scope to avoid the race,\ninstead use the SOCK_DEAD flag to prevent udp_abort from doing\nany action when the critical race happens.\n\nDiagnosed-and-tested-by: Kaustubh Pandey <kapandey@codeaurora.org>"}, {"lang": "es", "value": " En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: udp: corrige la ejecuci\u00f3n entre close() y udp_abort(). Kaustubh inform\u00f3 y diagnostic\u00f3 un p\u00e1nico en udp_lib_lookup(). La causa principal es que udp_abort() compite con close(). Ambas funciones de ejecuci\u00f3n adquieren el bloqueo del socket, pero udp{v6}_destroy_sock() lo libera antes de realizar acciones destructivas. No podemos extender f\u00e1cilmente el alcance del bloqueo del socket para evitar la ejecuci\u00f3n; en su lugar, usamos el indicador SOCK_DEAD para evitar que udp_abort realice alguna acci\u00f3n cuando ocurre la ejecuci\u00f3n cr\u00edtica. Diagnosticado y probado por: Kaustubh Pandey "}], "id": "CVE-2021-47248", "lastModified": "2025-04-30T15:21:04.770", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-21T15:15:13.780", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6B5A1555-2CC4-4652-AD96-3529D26B3447 (string)

versionEndExcluding : 4.9.274 (string)

versionStartIncluding : 4.9 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : C3C0DBBF-0923-4D2A-9178-134691F9933F (string)

versionEndExcluding : 4.14.238 (string)

versionStartIncluding : 4.10 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F3CAB837-7D38-4934-AD4F-195CEFD754E6 (string)

versionEndExcluding : 4.19.196 (string)

versionStartIncluding : 4.15 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6267BD4E-BE25-48B5-B850-4B493440DAFA (string)

versionEndExcluding : 5.4.128 (string)

versionStartIncluding : 4.20 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 59455D13-A902-42E1-97F7-5ED579777193 (string)

versionEndExcluding : 5.10.46 (string)

versionStartIncluding : 5.5 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7806E7E5-6D4F-4E18-81C1-79B3C60EE855 (string)

versionEndExcluding : 5.12.13 (string)

versionStartIncluding : 5.11 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:* (string)

matchCriteriaId : 0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:* (string)

matchCriteriaId : 96AC23B2-D46A-49D9-8203-8E1BEDCA8532 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:* (string)

matchCriteriaId : DA610E30-717C-4700-9F77-A3C9244F3BFD (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:* (string)

matchCriteriaId : 1ECD33F5-85BE-430B-8F86-8D7BD560311D (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:* (string)

matchCriteriaId : CF351855-2437-4CF5-AD7C-BDFA51F27683 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.13:rc6:*:*:*:*:*:* (string)

matchCriteriaId : 25A855BA-2118-44F2-90EF-EBBB12AF51EF (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: udp: fix race between close() and udp_abort() Kaustubh reported and diagnosed a panic in udp_lib_lookup(). The root cause is udp_abort() racing with close(). Both racing functions acquire the socket lock, but udp{v6}_destroy_sock() release it before performing destructive actions. We can't easily extend the socket lock scope to avoid the race, instead use the SOCK_DEAD flag to prevent udp_abort from doing any action when the critical race happens. Diagnosed-and-tested-by: Kaustubh Pandey <kapandey@codeaurora.org> (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: udp: corrige la ejecución entre close() y udp_abort(). Kaustubh informó y diagnosticó un pánico en udp_lib_lookup(). La causa principal es que udp_abort() compite con close(). Ambas funciones de ejecución adquieren el bloqueo del socket, pero udp{v6}_destroy_sock() lo libera antes de realizar acciones destructivas. No podemos extender fácilmente el alcance del bloqueo del socket para evitar la ejecución; en su lugar, usamos el indicador SOCK_DEAD para evitar que udp_abort realice alguna acción cuando ocurre la ejecución crítica. Diagnosticado y probado por: Kaustubh Pandey (string)

}

]

id : CVE-2021-47248 (string)

lastModified : 2025-04-30T15:21:04.770 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 4.7 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2024-05-21T15:15:13.780 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56 (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241 (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Analyzed (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-362 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "kernel: udp: fix race between close() and udp_abort()", "id": "2282564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282564"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "status": "draft"}, "cwe": "CWE-362", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nudp: fix race between close() and udp_abort()\nKaustubh reported and diagnosed a panic in udp_lib_lookup().\nThe root cause is udp_abort() racing with close(). Both\nracing functions acquire the socket lock, but udp{v6}_destroy_sock()\nrelease it before performing destructive actions.\nWe can't easily extend the socket lock scope to avoid the race,\ninstead use the SOCK_DEAD flag to prevent udp_abort from doing\nany action when the critical race happens.\nDiagnosed-and-tested-by: Kaustubh Pandey <kapandey@codeaurora.org>", "A vulnerability was found in the Linux kernel's UDP implementation, where a race condition exists between the close() and udp_abort() functions. This race can cause a system panic during socket operations, leading to unexpected crashes"], "mitigation": {"lang": "en:us", "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."}, "name": "CVE-2021-47248", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47248\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47248\nhttps://lore.kernel.org/linux-cve-announce/2024052143-CVE-2021-47248-2609@gregkh/T"], "statement": "This vulnerability is rated as a moderate severity because this issue results in system crashes under specific conditions and exploitation requires precise timing.", "threat_severity": "Moderate"}

{

bugzilla : { »

description : kernel: udp: fix race between close() and udp_abort() (string)

id : 2282564 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2282564 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 5.8 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H (string)

status : draft (string)

}

cwe : CWE-362 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: udp: fix race between close() and udp_abort() Kaustubh reported and diagnosed a panic in udp_lib_lookup(). The root cause is udp_abort() racing with close(). Both racing functions acquire the socket lock, but udp{v6}_destroy_sock() release it before performing destructive actions. We can't easily extend the socket lock scope to avoid the race, instead use the SOCK_DEAD flag to prevent udp_abort from doing any action when the critical race happens. Diagnosed-and-tested-by: Kaustubh Pandey <kapandey@codeaurora.org> (string)

1 : A vulnerability was found in the Linux kernel's UDP implementation, where a race condition exists between the close() and udp_abort() functions. This race can cause a system panic during socket operations, leading to unexpected crashes (string)

]

mitigation : { »

lang : en:us (string)

value : Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible. (string)

}

name : CVE-2021-47248 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-05-21T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2021-47248 https://nvd.nist.gov/vuln/detail/CVE-2021-47248 https://lore.kernel.org/linux-cve-announce/2024052143-CVE-2021-47248-2609@gregkh/T (string)

]

statement : This vulnerability is rated as a moderate severity because this issue results in system crashes under specific conditions and exploitation requires precise timing. (string)

threat_severity : Moderate (string)

}

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object