CVE-2021-47257

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185
https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0
https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70
https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e
https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627
https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67
https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993

Configurations

No configuration.

History

07 Nov 2024, 17:35

Type	Values Removed	Values Added
CWE		CWE-476
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
Summary		(es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: ieee802154: corrige el deref null en analizar dev addr. Se corrige un error lógico que podría resultar en un deref null si el usuario configura el modo incorrectamente para el tipo de dirección dado.

21 May 2024, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-21 15:15

Updated : 2024-11-07 17:35

NVD link : CVE-2021-47257

Mitre link : CVE-2021-47257

CVE.ORG link : CVE-2021-47257

JSON object : View

Products Affected

No product.

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2021-47257", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-05-21T15:15:14.460", "references": [{"url": "https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: fix null deref in parse dev addr\n\nFix a logic error that could result in a null deref if the user sets\nthe mode incorrectly for the given addr type."}, {"lang": "es", "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: ieee802154: corrige el deref null en analizar dev addr. Se corrige un error l\u00f3gico que podr\u00eda resultar en un deref null si el usuario configura el modo incorrectamente para el tipo de direcci\u00f3n dado."}], "lastModified": "2024-11-07T17:35:01.883", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}