CVE-2021-47307

Summary

In the Linux kernel, the following vulnerability has been resolved:

cifs: prevent NULL deref in cifs_compose_mount_options()

The optional @ref parameter might contain an NULL node_name, so prevent dereferencing it in cifs_compose_mount_options().

Addresses-Coverity: 1476408 ("Explicit null dereferenced")

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2c55608f28444c3f33b10312881384c470ceed56 < f7d1fa65e74263d11f90ddd33b4d4cd905a93759affected
LinuxLinux2c55608f28444c3f33b10312881384c470ceed56 < e58c162789becede894d3e94c0ce6695a2ef5796affected
LinuxLinux2c55608f28444c3f33b10312881384c470ceed56 < ae3d181f4e912f51af7776ea165f199b16fc165daffected
LinuxLinux2c55608f28444c3f33b10312881384c470ceed56 < 03313d1c3a2f086bb60920607ab79ac8f8578306affected
LinuxLinux2.6.28affected
LinuxLinux0 < 2.6.28unaffected
LinuxLinux5.4.135 <= 5.4.*unaffected
LinuxLinux5.10.53 <= 5.10.*unaffected
LinuxLinux5.13.5 <= 5.13.*unaffected
LinuxLinux5.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References