{"id":"CVE-2021-47017","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nath10k: Fix a use after free in ath10k_htc_send_bundle\n\nIn ath10k_htc_send_bundle, the bundle_skb could be freed by\ndev_kfree_skb_any(bundle_skb). But the bundle_skb is used later\nby bundle_skb-\u003elen.\n\nAs skb_len = bundle_skb-\u003elen, my patch replaces bundle_skb-\u003elen to\nskb_len after the bundle_skb was freed.","modified":"2026-03-13T05:20:29.212691Z","published":"2024-02-28T09:15:38.960Z","related":["SUSE-SU-2024:1465-1","SUSE-SU-2024:1489-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/3b1ac40c6012140828caa79e592a438a18ebf71b"},{"type":"FIX","url":"https://git.kernel.org/stable/c/5e413c0831ff4700d1739db3fa3ae9f859744676"},{"type":"FIX","url":"https://git.kernel.org/stable/c/8392df5d7e0b6a7d21440da1fc259f9938f4dec3"},{"type":"FIX","url":"https://git.kernel.org/stable/c/8bb054fb336f4250002fff4e0b075221c05c3c65"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47017.json","unresolved_ranges":[{"events":[{"introduced":"5.8"},{"fixed":"5.10.37"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.11.21"}]},{"events":[{"introduced":"5.12"},{"fixed":"5.12.4"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}