CVE-2021-47194

cfg80211: call cfg80211_stop_ap when switch from P2P_GO type

Description

In the Linux kernel, the following vulnerability has been resolved: cfg80211: call cfg80211_stop_ap when switch from P2P_GO type If the userspace tools switch from NL80211_IFTYPE_P2P_GO to NL80211_IFTYPE_ADHOC via send_msg(NL80211_CMD_SET_INTERFACE), it does not call the cleanup cfg80211_stop_ap(), this leads to the initialization of in-use data. For example, this path re-init the sdata->assigned_chanctx_list while it is still an element of assigned_vifs list, and makes that linked list corrupt.

Category

7.8
CVSS
Severity: High
CVSS 3.1 •
EPSS 0.01%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/8f06bb8c216bcd172394f61e557727e691b4cb24 patch
https://git.kernel.org/stable/c/0738cdb636c21ab552eaecf905efa4a6070e3ebc patch
https://git.kernel.org/stable/c/4e458abbb4a523f1413bfe15c079cf4e24c15b21 patch
https://git.kernel.org/stable/c/b8a045e2a9b234cfbc06cf36923886164358ddec patch
https://git.kernel.org/stable/c/52affc201fc22a1ab9a59ef0ed641a9adfcb8d13 patch
https://git.kernel.org/stable/c/7b97b5776daa0b39dbdadfea176f9cc0646d4a66 patch
https://git.kernel.org/stable/c/5a9b671c8d74a3e1b999e7a0c7f366079bcc93dd patch
https://git.kernel.org/stable/c/563fbefed46ae4c1f70cffb8eb54c02df480b2c2 patch

Frequently Asked Questions

What is the severity of CVE-2021-47194?
CVE-2021-47194 has been scored as a high severity vulnerability.
How to fix CVE-2021-47194?
To fix CVE-2021-47194, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-47194 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2021-47194 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-47194?
CVE-2021-47194 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.