{"id":"CVE-2021-47291","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions\n\nWhile running the self-tests on a KASAN enabled kernel, I observed a\nslab-out-of-bounds splat very similar to the one reported in\ncommit 821bbf79fe46 (\"ipv6: Fix KASAN: slab-out-of-bounds Read in\n fib6_nh_flush_exceptions\").\n\nWe additionally need to take care of fib6_metrics initialization\nfailure when the caller provides an nh.\n\nThe fix is similar, explicitly free the route instead of calling\nfib6_info_release on a half-initialized object.","modified":"2026-03-13T05:20:40.875589Z","published":"2024-05-21T15:15:17.100Z","related":["SUSE-SU-2024:2893-1","SUSE-SU-2024:2923-1","SUSE-SU-2024:2948-1","SUSE-SU-2024:3641-1","SUSE-SU-2024:3642-1","SUSE-SU-2024:3648-1","SUSE-SU-2024:3649-1","SUSE-SU-2024:3651-1","SUSE-SU-2024:3652-1","SUSE-SU-2024:3661-1","SUSE-SU-2024:3676-1","SUSE-SU-2024:3685-1","SUSE-SU-2024:3690-1","SUSE-SU-2024:3704-1","SUSE-SU-2024:3768-1","SUSE-SU-2024:3774-1","SUSE-SU-2024:3779-1","SUSE-SU-2024:3796-1","SUSE-SU-2024:3798-1","SUSE-SU-2024:3800-1","SUSE-SU-2024:3803-1","SUSE-SU-2024:3814-1","SUSE-SU-2024:3849-1","SUSE-SU-2024:3854-1","SUSE-SU-2024:4161-1","SUSE-SU-2024:4180-1","SUSE-SU-2024:4231-1","SUSE-SU-2024:4242-1","SUSE-SU-2024:4246-1","SUSE-SU-2024:4248-1","SUSE-SU-2024:4250-1","SUSE-SU-2024:4256-1","SUSE-SU-2024:4263-1","SUSE-SU-2024:4264-1","SUSE-SU-2025:0101-1","SUSE-SU-2025:0105-1","SUSE-SU-2025:0106-1","SUSE-SU-2025:0131-1","SUSE-SU-2025:0137-1","SUSE-SU-2025:0238-1","SUSE-SU-2025:0239-1","SUSE-SU-2025:0240-1","SUSE-SU-2025:0243-1","SUSE-SU-2025:0244-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/8fb4792f091e608a0a1d353dfdf07ef55a719db5"},{"type":"FIX","url":"https://git.kernel.org/stable/c/ce8fafb68051fba52546f8bbe8621f7641683680"},{"type":"FIX","url":"https://git.kernel.org/stable/c/115784bcccf135c3a3548098153413d76f16aae0"},{"type":"FIX","url":"https://git.kernel.org/stable/c/830251361425c5be044db4d826aaf304ea3d14c6"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47291.json","unresolved_ranges":[{"events":[{"introduced":"5.3"},{"fixed":"5.4.136"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.54"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.13.6"}]},{"events":[{"introduced":"0"},{"last_affected":"5.14-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.14-rc2"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}]}