CVE-2021-47501

Summary

In the Linux kernel, the following vulnerability has been resolved:

i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc

When trying to dump VFs VSI RX/TX descriptors using debugfs there was a crash due to NULL pointer dereference in i40e_dbg_dump_desc. Added a check to i40e_dbg_dump_desc that checks if VSI type is correct for dumping RX/TX descriptors.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux02e9c290814cc143ceccecb14eac3e7a05da745e < e5b7fb2198abc50058f1a29c395b004f76ab1c83affected
LinuxLinux02e9c290814cc143ceccecb14eac3e7a05da745e < 16431e442db248ecd8aa9457cf0a656f1885f56eaffected
LinuxLinux02e9c290814cc143ceccecb14eac3e7a05da745e < 23ec111bf3549aae37140330c31a16abfc172421affected
LinuxLinux3.12affected
LinuxLinux0 < 3.12unaffected
LinuxLinux5.10.85 <= 5.10.*unaffected
LinuxLinux5.15.8 <= 5.15.*unaffected
LinuxLinux5.16 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References