CVE-2021-47260

Summary

In the Linux kernel, the following vulnerability has been resolved:

NFS: Fix a potential NULL dereference in nfs_get_client()

None of the callers are expecting NULL returns from nfs_get_client() so this code will lead to an Oops. It's better to return an error pointer. I expect that this is dead code so hopefully no one is affected.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux31434f496abb9f3410b10f541462fe58613dd3ad < fab8bfdfb4aac9e4e8363666333adfdf21e89106affected
LinuxLinux31434f496abb9f3410b10f541462fe58613dd3ad < a979e601000982a3ca693171a6d4dffc47f8ad00affected
LinuxLinux31434f496abb9f3410b10f541462fe58613dd3ad < 634f17ff1d59905eb3b4bbbc00805961d08beaeeaffected
LinuxLinux31434f496abb9f3410b10f541462fe58613dd3ad < 4b380a7d84ef2ce3f4f5bec5d8706ed937ac6502affected
LinuxLinux31434f496abb9f3410b10f541462fe58613dd3ad < 0057ecef9f324007c0ba5fcca4ddd131178ce78baffected
LinuxLinux31434f496abb9f3410b10f541462fe58613dd3ad < 279ad78a00f8b9c5ff24171a59297187a3bd44b7affected
LinuxLinux31434f496abb9f3410b10f541462fe58613dd3ad < 58ddf61f10b8f9b7b1341644bfee2f1c6508d4e1affected
LinuxLinux31434f496abb9f3410b10f541462fe58613dd3ad < 09226e8303beeec10f2ff844d2e46d1371dc58e0affected
LinuxLinux3.17affected
LinuxLinux0 < 3.17unaffected
LinuxLinux4.4.273 <= 4.4.*unaffected
LinuxLinux4.9.273 <= 4.9.*unaffected
LinuxLinux4.14.237 <= 4.14.*unaffected
LinuxLinux4.19.195 <= 4.19.*unaffected
LinuxLinux5.4.126 <= 5.4.*unaffected
LinuxLinux5.10.44 <= 5.10.*unaffected
LinuxLinux5.12.11 <= 5.12.*unaffected
LinuxLinux5.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References