CVE-2021-47297

5.5 MEDIUM

📋 TL;DR

This vulnerability in the Linux kernel's CAIF socket implementation causes uninitialized kernel stack memory to be read when a message with zero segments is sent through a CAIF socket. It affects Linux systems that use the CAIF protocol and can expose sensitive kernel memory contents to local attackers.

💻 Affected Systems

Products:
  • Linux Kernel
Versions: Specific affected versions are not listed in the CVE, but the references point to stable kernel patches
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using CAIF (Communication CPU to Application CPU Interface) protocol, typically used in embedded/mobile systems

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴 Worst Case

Information disclosure of kernel memory contents, potentially revealing sensitive data such as encryption keys or process information

🟠 Likely Case

Information leak of uninitialized kernel stack memory, which could contain residual data from previous operations

🟢 If Mitigated

No impact if the CAIF protocol is not used or the kernel is patched

🌐 Internet-Facing: LOW - Requires local access to exploit
🏢 Internal Only: MEDIUM - Local attackers could potentially read kernel memory

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM - Requires local access and knowledge of CAIF socket programming

Exploitation requires local access and ability to create CAIF sockets

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in stable kernel versions via commits referenced in CVE

Vendor Advisory: https://git.kernel.org/stable/c/991e634360f2622a683b48dfe44fe6d9cb765a09

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a patched version
2. Reboot the system
3. Verify the kernel version

🔧 Temporary Workarounds

Disable CAIF module

Remove or blacklist the CAIF kernel module if it is not needed:

modprobe -r caif
echo 'blacklist caif' >> /etc/modprobe.d/blacklist.conf

🧯 If You Can't Patch

  • Restrict local user access to systems using CAIF protocol
  • Implement strict access controls and monitoring for CAIF socket usage

🔍 How to Verify

Check if Vulnerable:

Check whether the CAIF module is loaded:

lsmod | grep caif

Check Version:

uname -r

Verify Fix Applied:

Compare the running kernel version with the stable releases that include the fix commit linked under Vendor Advisory
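A host check that goes further than `lsmod`, added here as an example and not part of the advisory: it tells apart CAIF compiled into the kernel (which `modprobe -r` cannot remove), loaded as a module, present on disk but not loaded, and absent. It serves both the workaround above and the "Check if Vulnerable" step; the paths are function parameters so it can be tested against constructed fixtures, and the live-system paths at the bottom are assumed to be the standard ones for the running kernel.

```shell
#!/bin/sh
# Added example (not from the advisory): classify how CAIF is present on a host.
# Prints one of: builtin | loaded | available | absent
#   builtin   - CONFIG_CAIF=y; the code cannot be unloaded or blacklisted
#   loaded    - caif.ko is resident (what "lsmod | grep caif" would show)
#   available - caif.ko exists on disk and could still be loaded on demand
#   absent    - no CAIF code for this kernel
# Arguments are paths so the function can be run against constructed fixtures:
#   $1 modules.builtin list, $2 the /sys/module/caif directory, $3 the module tree
caif_state() {
    builtin_list="$1"
    sysfs_dir="$2"
    module_tree="$3"

    # Built-in code is listed in modules.builtin as kernel/net/caif/caif.ko.
    if [ -f "$builtin_list" ] && grep -q '/caif\.ko$' "$builtin_list"; then
        echo builtin
        return 0
    fi
    # /sys/module/<name> exists while the module is resident.
    if [ -d "$sysfs_dir" ]; then
        echo loaded
        return 0
    fi
    # A module file on disk means the protocol can still be loaded later.
    if [ -d "$module_tree" ] && find "$module_tree" -name 'caif.ko*' 2>/dev/null | grep -q .; then
        echo available
        return 0
    fi
    echo absent
}

# Content for a file under /etc/modprobe.d/ that suppresses alias-based autoload
# (blacklist) and also makes an explicit "modprobe caif" fail (install).
# Only meaningful when the state is loaded or available, never for builtin.
caif_disable_conf() {
    printf 'blacklist caif\ninstall caif /bin/false\n'
}

# Live check against the running kernel (standard paths assumed).
kver=$(uname -r)
caif_state "/lib/modules/$kver/modules.builtin" /sys/module/caif "/lib/modules/$kver"
```

The `install caif /bin/false` line is what the `blacklist` step alone lacks: `blacklist` only ignores the module's own aliases and does not stop an explicit `modprobe caif`, and neither line helps when the state is builtin, where only the kernel update removes the code.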

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic or KMSAN warnings related to caif_seqpkt_sendmsg

Network Indicators:

  • Unusual CAIF socket activity from untrusted users

SIEM Query:

process:caif AND (event:warning OR event:error)
