CVE-2021-47518

Summary

In the Linux kernel, the following vulnerability has been resolved:

nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done

The done() netlink callback nfc_genl_dump_ses_done() should check if received argument is non-NULL, because its allocation could fail earlier in dumpit() (nfc_genl_dump_ses()).

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxac22ac466a659f1b2e02a2e2ee23fc5c42da2c95 < 87cdb8789c38e44ae5454aafe277997c950d00edaffected
LinuxLinuxac22ac466a659f1b2e02a2e2ee23fc5c42da2c95 < 69bb79a8f5bb9f436b6f1434ca9742591b7bbe18affected
LinuxLinuxac22ac466a659f1b2e02a2e2ee23fc5c42da2c95 < 811a7576747760bcaf60502f096d1e6e91d566faaffected
LinuxLinuxac22ac466a659f1b2e02a2e2ee23fc5c42da2c95 < 3b861a40325eac9c4c13b6c53874ad90617e944daffected
LinuxLinuxac22ac466a659f1b2e02a2e2ee23fc5c42da2c95 < 48fcd08fdbe05e35b650a252ec2a2d96057a1c7aaffected
LinuxLinuxac22ac466a659f1b2e02a2e2ee23fc5c42da2c95 < 83ea620a1be840bf05089a5061fb8323ca42f38caffected
LinuxLinuxac22ac466a659f1b2e02a2e2ee23fc5c42da2c95 < fae9705d281091254d4a81fa2da9d22346097dcaaffected
LinuxLinuxac22ac466a659f1b2e02a2e2ee23fc5c42da2c95 < 4cd8371a234d051f9c9557fcbb1f8c523b1c0d10affected
LinuxLinux3.12affected
LinuxLinux0 < 3.12unaffected
LinuxLinux4.4.295 <= 4.4.*unaffected
LinuxLinux4.9.293 <= 4.9.*unaffected
LinuxLinux4.14.258 <= 4.14.*unaffected
LinuxLinux4.19.221 <= 4.19.*unaffected
LinuxLinux5.4.165 <= 5.4.*unaffected
LinuxLinux5.10.85 <= 5.10.*unaffected
LinuxLinux5.15.8 <= 5.15.*unaffected
LinuxLinux5.16 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References