CVE-2021-47589: 
Linux Kernel vulnerability analysis and mitigation

CVE-2021-47589 affects the Linux kernel's igbvf driver, specifically related to a double free vulnerability in the igbvf_probe function. The issue was discovered and reported by Zheyu Ma, and affects Linux kernel versions from 2.6.30 up to 5.15.11 (NVD).

The vulnerability occurs in the igbvf_probe function when registernetdev() fails. The execution path leads to label errhwinit and then to label errioremap. In freenetdev(), which is called below label errioremap, there is list_for_each_entry_safe and netif_napi_del that attempts to delete all entries in dev->napi_list. The issue arises because an entry adapter->rx_ring->napi (added by netif_napi_add in igbvfallocqueues()) is accessed after adapter->rxring has been freed below label errhw_init, resulting in a use-after-free condition. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 HIGH (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) (NVD).

This vulnerability could lead to a use-after-free condition in the Linux kernel, potentially resulting in system crashes, information leaks, or privilege escalation. The issue affects systems running the igbvf driver for Intel 82576 virtual functions (Kernel Patch).

The issue has been fixed by adding a call to netifnapidel() before freeing adapter->rx_ring in the error path. Users should update their Linux kernel to a version that includes the fix. The patch has been backported to multiple stable kernel versions (Kernel Patch).