CVE-2021-47184 : In the Linux kernel, the following vulnerability has been resolved: i40e: Fix N

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40E_VSI_RELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sync filters subtask. Without this patch it is possible to start update the VSI filter list after VSI is removed, that's causing a kernel oops.

Published 2024-04-10 18:56:25

Updated 2025-01-14 16:41:59

Source Linux

View at NVD, CVE.org

Vulnerability category: Memory Corruption

Products affected by CVE-2021-47184

Linux » Linux Kernel
Versions from including (>=) 5.11 and before (<) 5.15.5
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.12 and before (<) 4.14.256
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.15 and before (<) 4.19.218
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.20 and before (<) 5.4.162
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.5 and before (<) 5.10.82
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.16 Update RC1
cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-47184

EPSS FAQ

0.01%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 1 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-47184

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	NIST	2025-01-14
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2021-47184

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-47184

https://git.kernel.org/stable/c/37d9e304acd903a445df8208b8a13d707902dea6

i40e: Fix NULL ptr dereference on VSI filter sync - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/78f2a9e831f9610e3655a0be5e675e1aa2472089

i40e: Fix NULL ptr dereference on VSI filter sync - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/e91e8427a1e1633a0261e3bb0201c836ac5b3890

i40e: Fix NULL ptr dereference on VSI filter sync - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/c30162da91327e4cdf7cd03079f096bb3654738c

i40e: Fix NULL ptr dereference on VSI filter sync - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/f866513ead4370402428ef724b03c3312295c178

i40e: Fix NULL ptr dereference on VSI filter sync - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/87c421ab4a43433cb009fea44bbbc77f46913e1d

i40e: Fix NULL ptr dereference on VSI filter sync - kernel/git/stable/linux.git - Linux kernel stable tree
Patch

Jump to

Vulnerability Details : CVE-2021-47184

Products affected by CVE-2021-47184

Exploit prediction scoring system (EPSS) score for CVE-2021-47184

CVSS scores for CVE-2021-47184

CWE ids for CVE-2021-47184

References for CVE-2021-47184