{"id":"CVE-2021-47555","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: vlan: fix underflow for the real_dev refcnt\n\nInject error before dev_hold(real_dev) in register_vlan_dev(),\nand execute the following testcase:\n\nip link add dev dummy1 type dummy\nip link add name dummy1.100 link dummy1 type vlan id 100\nip link del dev dummy1\n\nWhen the dummy netdevice is removed, we will get a WARNING as following:\n\n=======================================================================\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 2 PID: 0 at lib/refcount.c:31 refcount_warn_saturate+0xbf/0x1e0\n\nand an endless loop of:\n\n=======================================================================\nunregister_netdevice: waiting for dummy1 to become free. Usage count = -1073741824\n\nThat is because dev_put(real_dev) in vlan_dev_free() be called without\ndev_hold(real_dev) in register_vlan_dev(). It makes the refcnt of real_dev\nunderflow.\n\nMove the dev_hold(real_dev) to vlan_dev_init() which is the call-back of\nndo_init(). That makes dev_hold() and dev_put() for vlan's real_dev\nsymmetrical.","modified":"2026-03-13T05:20:48.822763Z","published":"2024-05-24T15:15:20.237Z","related":["SUSE-SU-2024:2008-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2190-1","SUSE-SU-2024:2372-1","SUSE-SU-2024:2385-1","SUSE-SU-2024:2394-1","SUSE-SU-2024:2495-1","SUSE-SU-2024:2939-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/01d9cc2dea3fde3bad6d27f464eff463496e2b00"},{"type":"FIX","url":"https://git.kernel.org/stable/c/5e44178864b38dd70b877985abd7d86fdb95f27d"},{"type":"FIX","url":"https://git.kernel.org/stable/c/6e800ee43218a56acc93676bbb3d93b74779e555"},{"type":"FIX","url":"https://git.kernel.org/stable/c/f7fc72a508cf115c273a7a29350069def1041890"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47555.json","unresolved_ranges":[{"events":[{"introduced":"5.4.160"},{"fixed":"5.4.163"}]},{"events":[{"introduced":"5.10.80"},{"fixed":"5.10.83"}]},{"events":[{"introduced":"5.14.19"},{"fixed":"5.15"}]},{"events":[{"introduced":"5.15.3"},{"fixed":"5.15.6"}]},{"events":[{"introduced":"0"},{"last_affected":"5.16-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.16-rc2"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}