Not to be fixed
Created: Feb 28, 2024
Updated: Mar 26, 2024
Resolved Date: Mar 26, 2024
Found In Version: 10.19.45.1
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:
ath10k: Fix a use after free in ath10k_htc_send_bundle
In ath10k_htc_send_bundle, the bundle_skb could be freed by
dev_kfree_skb_any(bundle_skb). But the bundle_skb is used later
by bundle_skb->len.
As skb_len = bundle_skb->len, my patch replaces bundle_skb->len to
skb_len after the bundle_skb was freed.
CREATE(Triage):(User=admin) CVE-2021-47017 (https://nvd.nist.gov/vuln/detail/CVE-2021-47017)
