CVE-2021-46925 (GCVE-0-2021-46925)

Vulnerability from cvelistv5 – Published: 2024-02-27 09:43 – Updated: 2025-05-04 07:00
VLAI?
Title
net/smc: fix kernel panic caused by race of smc_sock
Summary
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A crash occurs when smc_cdc_tx_handler() tries to access smc_sock but smc_release() has already freed it. [ 4570.695099] BUG: unable to handle page fault for address: 000000002eae9e88 [ 4570.696048] #PF: supervisor write access in kernel mode [ 4570.696728] #PF: error_code(0x0002) - not-present page [ 4570.697401] PGD 0 P4D 0 [ 4570.697716] Oops: 0002 [#1] PREEMPT SMP NOPTI [ 4570.698228] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.16.0-rc4+ #111 [ 4570.699013] Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 8c24b4c 04/0 [ 4570.699933] RIP: 0010:_raw_spin_lock+0x1a/0x30 <...> [ 4570.711446] Call Trace: [ 4570.711746] <IRQ> [ 4570.711992] smc_cdc_tx_handler+0x41/0xc0 [ 4570.712470] smc_wr_tx_tasklet_fn+0x213/0x560 [ 4570.712981] ? smc_cdc_tx_dismisser+0x10/0x10 [ 4570.713489] tasklet_action_common.isra.17+0x66/0x140 [ 4570.714083] __do_softirq+0x123/0x2f4 [ 4570.714521] irq_exit_rcu+0xc4/0xf0 [ 4570.714934] common_interrupt+0xba/0xe0 Though smc_cdc_tx_handler() checked the existence of smc connection, smc_release() may have already dismissed and released the smc socket before smc_cdc_tx_handler() further visits it. smc_cdc_tx_handler() |smc_release() if (!conn) | | |smc_cdc_tx_dismiss_slots() | smc_cdc_tx_dismisser() | |sock_put(&smc->sk) <- last sock_put, | smc_sock freed bh_lock_sock(&smc->sk) (panic) | To make sure we won't receive any CDC messages after we free the smc_sock, add a refcount on the smc_connection for inflight CDC message(posted to the QP but haven't received related CQE), and don't release the smc_connection until all the inflight CDC messages haven been done, for both success or failed ones. Using refcount on CDC messages brings another problem: when the link is going to be destroyed, smcr_link_clear() will reset the QP, which then remove all the pending CQEs related to the QP in the CQ. To make sure all the CQEs will always come back so the refcount on the smc_connection can always reach 0, smc_ib_modify_qp_reset() was replaced by smc_ib_modify_qp_error(). And remove the timeout in smc_wr_tx_wait_no_pending_sends() since we need to wait for all pending WQEs done, or we may encounter use-after- free when handling CQEs. For IB device removal routine, we need to wait for all the QPs on that device been destroyed before we can destroy CQs on the device, or the refcount on smc_connection won't reach 0 and smc_sock cannot be released.
Severity ?
4.7 (Medium)
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE
  • CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 5f08318f617b05b6ee389d8bd174c7af921ebf19 , < e8a5988a85c719ce7205cb00dcf0716dcf611332 (git)
Affected: 5f08318f617b05b6ee389d8bd174c7af921ebf19 , < b85f751d71ae8e2a15e9bda98852ea9af35282eb (git)
Affected: 5f08318f617b05b6ee389d8bd174c7af921ebf19 , < 349d43127dac00c15231e8ffbcaabd70f7b0e544 (git)
Create a notification for this product.
    Linux Linux Affected: 4.11
Unaffected: 0 , < 4.11 (semver)
Unaffected: 5.10.90 , ≤ 5.10.* (semver)
Unaffected: 5.15.13 , ≤ 5.15.* (semver)
Unaffected: 5.16 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 4.7,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-46925",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-27T14:30:40.812518Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-362",
                "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-29T13:48:24.020Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:17:42.919Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e8a5988a85c719ce7205cb00dcf0716dcf611332"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b85f751d71ae8e2a15e9bda98852ea9af35282eb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/349d43127dac00c15231e8ffbcaabd70f7b0e544"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/smc/smc.h",
            "net/smc/smc_cdc.c",
            "net/smc/smc_cdc.h",
            "net/smc/smc_core.c",
            "net/smc/smc_ib.c",
            "net/smc/smc_ib.h",
            "net/smc/smc_wr.c",
            "net/smc/smc_wr.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e8a5988a85c719ce7205cb00dcf0716dcf611332",
              "status": "affected",
              "version": "5f08318f617b05b6ee389d8bd174c7af921ebf19",
              "versionType": "git"
            },
            {
              "lessThan": "b85f751d71ae8e2a15e9bda98852ea9af35282eb",
              "status": "affected",
              "version": "5f08318f617b05b6ee389d8bd174c7af921ebf19",
              "versionType": "git"
            },
            {
              "lessThan": "349d43127dac00c15231e8ffbcaabd70f7b0e544",
              "status": "affected",
              "version": "5f08318f617b05b6ee389d8bd174c7af921ebf19",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/smc/smc.h",
            "net/smc/smc_cdc.c",
            "net/smc/smc_cdc.h",
            "net/smc/smc_core.c",
            "net/smc/smc_ib.c",
            "net/smc/smc_ib.h",
            "net/smc/smc_wr.c",
            "net/smc/smc_wr.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.11"
            },
            {
              "lessThan": "4.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.90",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.90",
                  "versionStartIncluding": "4.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.13",
                  "versionStartIncluding": "4.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.16",
                  "versionStartIncluding": "4.11",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix kernel panic caused by race of smc_sock\n\nA crash occurs when smc_cdc_tx_handler() tries to access smc_sock\nbut smc_release() has already freed it.\n\n[ 4570.695099] BUG: unable to handle page fault for address: 000000002eae9e88\n[ 4570.696048] #PF: supervisor write access in kernel mode\n[ 4570.696728] #PF: error_code(0x0002) - not-present page\n[ 4570.697401] PGD 0 P4D 0\n[ 4570.697716] Oops: 0002 [#1] PREEMPT SMP NOPTI\n[ 4570.698228] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.16.0-rc4+ #111\n[ 4570.699013] Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 8c24b4c 04/0\n[ 4570.699933] RIP: 0010:_raw_spin_lock+0x1a/0x30\n\u003c...\u003e\n[ 4570.711446] Call Trace:\n[ 4570.711746]  \u003cIRQ\u003e\n[ 4570.711992]  smc_cdc_tx_handler+0x41/0xc0\n[ 4570.712470]  smc_wr_tx_tasklet_fn+0x213/0x560\n[ 4570.712981]  ? smc_cdc_tx_dismisser+0x10/0x10\n[ 4570.713489]  tasklet_action_common.isra.17+0x66/0x140\n[ 4570.714083]  __do_softirq+0x123/0x2f4\n[ 4570.714521]  irq_exit_rcu+0xc4/0xf0\n[ 4570.714934]  common_interrupt+0xba/0xe0\n\nThough smc_cdc_tx_handler() checked the existence of smc connection,\nsmc_release() may have already dismissed and released the smc socket\nbefore smc_cdc_tx_handler() further visits it.\n\nsmc_cdc_tx_handler()           |smc_release()\nif (!conn)                     |\n                               |\n                               |smc_cdc_tx_dismiss_slots()\n                               |      smc_cdc_tx_dismisser()\n                               |\n                               |sock_put(\u0026smc-\u003esk) \u003c- last sock_put,\n                               |                      smc_sock freed\nbh_lock_sock(\u0026smc-\u003esk) (panic) |\n\nTo make sure we won\u0027t receive any CDC messages after we free the\nsmc_sock, add a refcount on the smc_connection for inflight CDC\nmessage(posted to the QP but haven\u0027t received related CQE), and\ndon\u0027t release the smc_connection until all the inflight CDC messages\nhaven been done, for both success or failed ones.\n\nUsing refcount on CDC messages brings another problem: when the link\nis going to be destroyed, smcr_link_clear() will reset the QP, which\nthen remove all the pending CQEs related to the QP in the CQ. To make\nsure all the CQEs will always come back so the refcount on the\nsmc_connection can always reach 0, smc_ib_modify_qp_reset() was replaced\nby smc_ib_modify_qp_error().\nAnd remove the timeout in smc_wr_tx_wait_no_pending_sends() since we\nneed to wait for all pending WQEs done, or we may encounter use-after-\nfree when handling CQEs.\n\nFor IB device removal routine, we need to wait for all the QPs on that\ndevice been destroyed before we can destroy CQs on the device, or\nthe refcount on smc_connection won\u0027t reach 0 and smc_sock cannot be\nreleased."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T07:00:28.074Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e8a5988a85c719ce7205cb00dcf0716dcf611332"
        },
        {
          "url": "https://git.kernel.org/stable/c/b85f751d71ae8e2a15e9bda98852ea9af35282eb"
        },
        {
          "url": "https://git.kernel.org/stable/c/349d43127dac00c15231e8ffbcaabd70f7b0e544"
        }
      ],
      "title": "net/smc: fix kernel panic caused by race of smc_sock",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-46925",
    "datePublished": "2024-02-27T09:43:55.445Z",
    "dateReserved": "2024-02-25T13:45:52.719Z",
    "dateUpdated": "2025-05-04T07:00:28.074Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/e8a5988a85c719ce7205cb00dcf0716dcf611332\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/b85f751d71ae8e2a15e9bda98852ea9af35282eb\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/349d43127dac00c15231e8ffbcaabd70f7b0e544\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T05:17:42.919Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-46925\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-02-27T14:30:40.812518Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-362\", \"description\": \"CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-05T15:20:37.714Z\"}}], \"cna\": {\"title\": \"net/smc: fix kernel panic caused by race of smc_sock\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5f08318f617b05b6ee389d8bd174c7af921ebf19\", \"lessThan\": \"e8a5988a85c719ce7205cb00dcf0716dcf611332\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"5f08318f617b05b6ee389d8bd174c7af921ebf19\", \"lessThan\": \"b85f751d71ae8e2a15e9bda98852ea9af35282eb\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"5f08318f617b05b6ee389d8bd174c7af921ebf19\", \"lessThan\": \"349d43127dac00c15231e8ffbcaabd70f7b0e544\", \"versionType\": \"git\"}], \"programFiles\": [\"net/smc/smc.h\", \"net/smc/smc_cdc.c\", \"net/smc/smc_cdc.h\", \"net/smc/smc_core.c\", \"net/smc/smc_ib.c\", \"net/smc/smc_ib.h\", \"net/smc/smc_wr.c\", \"net/smc/smc_wr.h\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.11\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.11\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.10.90\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.13\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"5.16\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"net/smc/smc.h\", \"net/smc/smc_cdc.c\", \"net/smc/smc_cdc.h\", \"net/smc/smc_core.c\", \"net/smc/smc_ib.c\", \"net/smc/smc_ib.h\", \"net/smc/smc_wr.c\", \"net/smc/smc_wr.h\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/e8a5988a85c719ce7205cb00dcf0716dcf611332\"}, {\"url\": \"https://git.kernel.org/stable/c/b85f751d71ae8e2a15e9bda98852ea9af35282eb\"}, {\"url\": \"https://git.kernel.org/stable/c/349d43127dac00c15231e8ffbcaabd70f7b0e544\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet/smc: fix kernel panic caused by race of smc_sock\\n\\nA crash occurs when smc_cdc_tx_handler() tries to access smc_sock\\nbut smc_release() has already freed it.\\n\\n[ 4570.695099] BUG: unable to handle page fault for address: 000000002eae9e88\\n[ 4570.696048] #PF: supervisor write access in kernel mode\\n[ 4570.696728] #PF: error_code(0x0002) - not-present page\\n[ 4570.697401] PGD 0 P4D 0\\n[ 4570.697716] Oops: 0002 [#1] PREEMPT SMP NOPTI\\n[ 4570.698228] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.16.0-rc4+ #111\\n[ 4570.699013] Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 8c24b4c 04/0\\n[ 4570.699933] RIP: 0010:_raw_spin_lock+0x1a/0x30\\n\u003c...\u003e\\n[ 4570.711446] Call Trace:\\n[ 4570.711746]  \u003cIRQ\u003e\\n[ 4570.711992]  smc_cdc_tx_handler+0x41/0xc0\\n[ 4570.712470]  smc_wr_tx_tasklet_fn+0x213/0x560\\n[ 4570.712981]  ? smc_cdc_tx_dismisser+0x10/0x10\\n[ 4570.713489]  tasklet_action_common.isra.17+0x66/0x140\\n[ 4570.714083]  __do_softirq+0x123/0x2f4\\n[ 4570.714521]  irq_exit_rcu+0xc4/0xf0\\n[ 4570.714934]  common_interrupt+0xba/0xe0\\n\\nThough smc_cdc_tx_handler() checked the existence of smc connection,\\nsmc_release() may have already dismissed and released the smc socket\\nbefore smc_cdc_tx_handler() further visits it.\\n\\nsmc_cdc_tx_handler()           |smc_release()\\nif (!conn)                     |\\n                               |\\n                               |smc_cdc_tx_dismiss_slots()\\n                               |      smc_cdc_tx_dismisser()\\n                               |\\n                               |sock_put(\u0026smc-\u003esk) \u003c- last sock_put,\\n                               |                      smc_sock freed\\nbh_lock_sock(\u0026smc-\u003esk) (panic) |\\n\\nTo make sure we won\u0027t receive any CDC messages after we free the\\nsmc_sock, add a refcount on the smc_connection for inflight CDC\\nmessage(posted to the QP but haven\u0027t received related CQE), and\\ndon\u0027t release the smc_connection until all the inflight CDC messages\\nhaven been done, for both success or failed ones.\\n\\nUsing refcount on CDC messages brings another problem: when the link\\nis going to be destroyed, smcr_link_clear() will reset the QP, which\\nthen remove all the pending CQEs related to the QP in the CQ. To make\\nsure all the CQEs will always come back so the refcount on the\\nsmc_connection can always reach 0, smc_ib_modify_qp_reset() was replaced\\nby smc_ib_modify_qp_error().\\nAnd remove the timeout in smc_wr_tx_wait_no_pending_sends() since we\\nneed to wait for all pending WQEs done, or we may encounter use-after-\\nfree when handling CQEs.\\n\\nFor IB device removal routine, we need to wait for all the QPs on that\\ndevice been destroyed before we can destroy CQs on the device, or\\nthe refcount on smc_connection won\u0027t reach 0 and smc_sock cannot be\\nreleased.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.90\", \"versionStartIncluding\": \"4.11\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.13\", \"versionStartIncluding\": \"4.11\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.16\", \"versionStartIncluding\": \"4.11\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T07:00:28.074Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-46925\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T07:00:28.074Z\", \"dateReserved\": \"2024-02-25T13:45:52.719Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-02-27T09:43:55.445Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.