CVE-2021-47301
📋 TL;DR
This CVE describes a use-after-free vulnerability in the Linux kernel's igb network driver. When the network controller is reset while igb_poll() is running, the driver may attempt to access already-freed memory, potentially causing system crashes or allowing memory corruption. This affects systems using Intel Gigabit Ethernet controllers with the igb driver.
💻 Affected Systems
- Linux kernel with igb driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, potential privilege escalation if memory corruption can be controlled, or denial of service.
Likely Case
System crash or kernel panic when network controller resets occur during heavy network traffic, causing denial of service.
If Mitigated
Minimal impact if systems are patched or not using affected igb driver configurations.
🎯 Exploit Status
Exploitation requires precise timing during network controller reset while igb_poll() is running. No public exploits known.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 7b292608db23ccbbfbfa50cdb155d01725d7a52e, 88e0720133d42d34851c8721cf5f289a50a8710f, 8e24c12f2ff6d32fd9f057382f08e748ec97194c, d3ccb18ed5ac3283c7b31ecc685b499e580d5492, d7367f781e5a9ca5df9082b15b272b55e76931f8
Vendor Advisory: https://git.kernel.org/stable/c/7b292608db23ccbbfbfa50cdb155d01725d7a52e
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Check distribution-specific security advisories. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable igb driver
linuxRemove or blacklist the igb driver if not needed
echo 'blacklist igb' >> /etc/modprobe.d/blacklist.conf
rmmod igb
Use alternative network driver
linuxSwitch to different network driver if hardware supports it
🧯 If You Can't Patch
- Monitor system logs for kernel panics or oops messages related to igb driver
- Implement network segmentation to limit potential impact of system crashes
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if igb module is loaded: lsmod | grep igb && uname -rCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits or check with distribution's security update verification tools📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- Oops messages mentioning igb_poll or skb_free
- System crash logs during network operations
Network Indicators:
- Unexpected network interface resets
- Network connectivity loss
SIEM Query:
source="kernel" AND ("panic" OR "oops") AND "igb"🔗 References
- https://git.kernel.org/stable/c/7b292608db23ccbbfbfa50cdb155d01725d7a52e
- https://git.kernel.org/stable/c/88e0720133d42d34851c8721cf5f289a50a8710f
- https://git.kernel.org/stable/c/8e24c12f2ff6d32fd9f057382f08e748ec97194c
- https://git.kernel.org/stable/c/d3ccb18ed5ac3283c7b31ecc685b499e580d5492
- https://git.kernel.org/stable/c/d7367f781e5a9ca5df9082b15b272b55e76931f8
- https://git.kernel.org/stable/c/f153664d8e70c11d0371341613651e1130e20240
- https://git.kernel.org/stable/c/7b292608db23ccbbfbfa50cdb155d01725d7a52e
- https://git.kernel.org/stable/c/88e0720133d42d34851c8721cf5f289a50a8710f
- https://git.kernel.org/stable/c/8e24c12f2ff6d32fd9f057382f08e748ec97194c
- https://git.kernel.org/stable/c/d3ccb18ed5ac3283c7b31ecc685b499e580d5492
- https://git.kernel.org/stable/c/d7367f781e5a9ca5df9082b15b272b55e76931f8
- https://git.kernel.org/stable/c/f153664d8e70c11d0371341613651e1130e20240
