CVE-2021-47495
📋 TL;DR
A Linux kernel vulnerability in the USB network driver (usbnet) where a maxpacket value of 0 causes a division-by-zero error, leading to kernel oops/panic. This affects Linux systems with USB network devices and can cause denial of service. The vulnerability requires local access or ability to trigger USB device interactions.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic causing system crash and denial of service, potentially leading to data loss or service disruption.
Likely Case
System crash or kernel oops when a malicious or malformed USB network device is connected, requiring reboot to restore service.
If Mitigated
Minor service interruption if system automatically recovers from oops, or no impact if vulnerable code path isn't triggered.
🎯 Exploit Status
Exploitation requires triggering the vulnerable code path with maxpacket=0, likely through USB device manipulation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing fixes from referenced git commits
Vendor Advisory: https://git.kernel.org/stable/c/397430b50a363d8b7bdda00522123f82df6adc5e
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from distribution vendor. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable USB network devices
linuxPrevent loading of usbnet driver or block USB network device usage
echo 'blacklist usbnet' >> /etc/modprobe.d/blacklist.conf
rmmod usbnet
Restrict USB device access
linuxUse udev rules or physical security to prevent unauthorized USB device connections
# Create udev rule to block specific USB devices or require authorization
🧯 If You Can't Patch
- Implement strict physical security controls to prevent unauthorized USB device connections
- Monitor system logs for kernel oops/panic events related to usbnet driver
🔍 How to Verify
Check if Vulnerable:
Check kernel version against distribution security advisories. Vulnerable if using unpatched kernel with usbnet driver.Check Version:
uname -rVerify Fix Applied:
Verify kernel version matches patched version from vendor advisory and test USB network device functionality.📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages mentioning usbnet
- Division by zero errors in kernel logs
- System crash/panic logs
Network Indicators:
- Sudden loss of network connectivity on USB interfaces
SIEM Query:
source="kernel" AND ("usbnet" OR "division by zero")🔗 References
- https://git.kernel.org/stable/c/002d82227c0abe29118cf80f7e2f396b22d448ed
- https://git.kernel.org/stable/c/397430b50a363d8b7bdda00522123f82df6adc5e
- https://git.kernel.org/stable/c/492140e45d2bf27c1014243f8616a9b612144e20
- https://git.kernel.org/stable/c/524f333e98138d909a0a0c574a9ff6737dce2767
- https://git.kernel.org/stable/c/693ecbe8f799405f8775719deedb1f76265d375a
- https://git.kernel.org/stable/c/74b3b27cf9fecce00cd8918b7882fd81191d0aa4
- https://git.kernel.org/stable/c/7e8b6a4f18edee070213cb6a77118e8a412253c5
- https://git.kernel.org/stable/c/b9eba0a4a527e04d712f0e0401e5391ef124b33e
- https://git.kernel.org/stable/c/002d82227c0abe29118cf80f7e2f396b22d448ed
- https://git.kernel.org/stable/c/397430b50a363d8b7bdda00522123f82df6adc5e
- https://git.kernel.org/stable/c/492140e45d2bf27c1014243f8616a9b612144e20
- https://git.kernel.org/stable/c/524f333e98138d909a0a0c574a9ff6737dce2767
- https://git.kernel.org/stable/c/693ecbe8f799405f8775719deedb1f76265d375a
- https://git.kernel.org/stable/c/74b3b27cf9fecce00cd8918b7882fd81191d0aa4
- https://git.kernel.org/stable/c/7e8b6a4f18edee070213cb6a77118e8a412253c5
- https://git.kernel.org/stable/c/b9eba0a4a527e04d712f0e0401e5391ef124b33e
