CVE-2021-47479 – This CVE describes a use-after-free vulnerabili... (How to Fix)

Q: What is the severity of CVE-2021-47479?

CVE-2021-47479 has a CVSS score of 7.0 (HIGH). This CVE describes a use-after-free vulnerability in the Linux kernel's rtl8712 Wi-Fi driver. An attacker could potentially execute arbitrary code or cause a denial-of-service by exploiting a race condition during device removal. Systems using the affected staging driver for Realtek 8712 USB Wi-Fi adapters are vulnerable.

📋 TL;DR

This CVE describes a use-after-free vulnerability in the Linux kernel's rtl8712 Wi-Fi driver. An attacker could potentially execute arbitrary code or cause a denial-of-service by exploiting a race condition during device removal. Systems using the affected staging driver for Realtek 8712 USB Wi-Fi adapters are vulnerable.

💻 Affected Systems

Products:

Linux kernel with rtl8712 staging driver

Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)

Operating Systems: Linux

Default Config Vulnerable: ✅ No

Notes: Only vulnerable when using Realtek 8712 USB Wi-Fi adapters with the staging driver loaded. Many distributions don't enable staging drivers by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel memory corruption leading to arbitrary code execution with kernel privileges, potentially resulting in full system compromise.

🟠

Likely Case

Kernel panic or system crash causing denial-of-service, requiring reboot to restore functionality.

🟢

If Mitigated

No impact if the vulnerable driver is not loaded or the affected hardware is not present.

🌐 Internet-Facing: LOW - Requires local access to the system or USB device connection.

🏢 Internal Only: MEDIUM - An attacker with physical access or local user privileges could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires triggering a specific race condition during device removal, which may be difficult to reliably achieve.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in Linux kernel stable releases via commits a65c9afe9f2f, befd23bd3b17, c052cc1a069c, c430094541a8

Vendor Advisory: https://git.kernel.org/stable/c/a65c9afe9f2f55b7a7fb4a25ab654cd4139683a4

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Reboot system to load patched kernel. 3. Verify driver is no longer vulnerable.

🔧 Temporary Workarounds

Disable rtl8712 staging driver

linux

Prevent loading of the vulnerable driver module

echo 'blacklist r8712u' >> /etc/modprobe.d/blacklist.conf
rmmod r8712u

Avoid using affected hardware

all

Do not use Realtek 8712 USB Wi-Fi adapters until patched

🧯 If You Can't Patch

Disable or remove Realtek 8712 USB Wi-Fi adapters from vulnerable systems
Implement strict physical access controls to prevent unauthorized USB device connections

🔍 How to Verify

Check if Vulnerable:

Check if r8712u module is loaded: lsmod | grep r8712u. If loaded and kernel version is unpatched, system is vulnerable.

Check Version:

uname -r

Verify Fix Applied:

Check kernel version includes fix commits and r8712u module can be loaded without crashes during device removal testing.

📡 Detection & Monitoring

Log Indicators:

Kernel oops messages
System crashes during USB device removal
dmesg errors mentioning rtl8712 or use-after-free

Network Indicators:

Unusual USB device connection/disconnection patterns

SIEM Query:

source="kernel" AND ("r8712u" OR "rtl8712" OR "use-after-free")

📊 Metadata

CVE ID: CVE-2021-47479

CVSS v3 Score: 7.0 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-416

Published: May 22, 2024

Last Updated: September 24, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-47479, you might also want to check these: