{"id":"CVE-2021-46991","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix use-after-free in i40e_client_subtask()\n\nCurrently the call to i40e_client_del_instance frees the object\npf-\u003ecinst, however pf-\u003ecinst-\u003elan_info is being accessed after\nthe free. Fix this by adding the missing return.\n\nAddresses-Coverity: (\"Read from pointer after free\")","modified":"2026-03-13T05:20:26.406127Z","published":"2024-02-28T09:15:37.787Z","related":["SUSE-SU-2024:0925-1","SUSE-SU-2024:0975-1","SUSE-SU-2024:0976-1","SUSE-SU-2024:1454-1","SUSE-SU-2024:1465-1","SUSE-SU-2024:1489-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/1fd5d262e7442192ac7611ff1597a36c5b044323"},{"type":"FIX","url":"https://git.kernel.org/stable/c/38318f23a7ef86a8b1862e5e8078c4de121960c3"},{"type":"FIX","url":"https://git.kernel.org/stable/c/4ebc10aa7cd17fd9857dedac69600465c9dd16d1"},{"type":"FIX","url":"https://git.kernel.org/stable/c/829a713450b8fb127cbabfc1244c1d8179ec5107"},{"type":"FIX","url":"https://git.kernel.org/stable/c/c1322eaeb8af0d8985b5cc5fa759140fa0e57b84"},{"type":"FIX","url":"https://git.kernel.org/stable/c/d718c15a2bf9ae082d5ae4d177fb19ef23cb4132"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-46991.json","unresolved_ranges":[{"events":[{"introduced":"4.16"},{"fixed":"4.19.191"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.120"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.38"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.11.22"}]},{"events":[{"introduced":"5.12"},{"fixed":"5.12.5"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}