CVE-2021-47003

UNKNOWN

Published 2024-02-28T08:13:24.712Z

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-47003. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: Fix potential null dereference on pointer status

There are calls to idxd_cmd_exec that pass a null status pointer however
a recent commit has added an assignment to *status that can end up
with a null pointer dereference. The function expects a null status
pointer sometimes as there is a later assignment to *status where
status is first null checked. Fix the issue by null checking status
before making the assignment.

Addresses-Coverity: ("Explicit null dereferenced")

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Affected Versions:

40e3b5c128645d2ddad12310c7be98758cafb2b0 89e3becd8f821e507052e012d2559dcda59f538e 89e3becd8f821e507052e012d2559dcda59f538e 89e3becd8f821e507052e012d2559dcda59f538e

Linux

Affected Versions:

5.11 0 5.10.38 5.11.22 5.12.5 5.13

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-xc3w-pcvf-rm7m

Advisory Details

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix potential null dereference on pointer status There are calls to idxd_cmd_exec that pass a null status pointer however a recent commit has added an assignment to *status that can end up with a null pointer dereference. The function expects a null status pointer sometimes as there is a later assignment to *status where status is first null checked. Fix the issue by null checking status before making the assignment. Addresses-Coverity: ("Explicit null dereferenced")

CVSS Scoring

CVSS Score

5.0

CVSS Vector


                                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-47003

WEB https://git.kernel.org/stable/c/2280b4cc29d8cdd2be3d1b2d1ea4f958e2131c97

WEB https://git.kernel.org/stable/c/28ac8e03c43dfc6a703aa420d18222540b801120

WEB https://git.kernel.org/stable/c/5756f757c72501ef1a16f5f63f940623044180e9

WEB https://git.kernel.org/stable/c/7bc402f843e7817a4a808e7b9ab0bcd7ffd55bfa

Advisory provided by GitHub Security Advisory Database. Published: February 28, 2024, Modified: December 9, 2024

References

https://git.kernel.org/stable/c/5756f757c72501ef1a16f5f63f940623044180e9

https://git.kernel.org/stable/c/2280b4cc29d8cdd2be3d1b2d1ea4f958e2131c97

https://git.kernel.org/stable/c/7bc402f843e7817a4a808e7b9ab0bcd7ffd55bfa

https://git.kernel.org/stable/c/28ac8e03c43dfc6a703aa420d18222540b801120

Published: 2024-02-28T08:13:24.712Z

Last Modified: 2025-05-04T07:02:06.974Z

Copied to clipboard!

CVE-2021-47003

Expert Analysis

Description

Available Exploits

Related News

Affected Products

Linux

Affected Versions:

Linux

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!