Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-47186

Summary
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-10 Apr, 2024 | 18:56
Updated At-20 May, 2025 | 14:27
Rejected At-
Credits

tipc: check for null after calling kmemdup

In the Linux kernel, the following vulnerability has been resolved: tipc: check for null after calling kmemdup kmemdup can return a null pointer so need to check for it, otherwise the null key will be dereferenced later in tipc_crypto_key_xmit as can be seen in the trace [1]. [1] https://syzkaller.appspot.com/bug?id=bca180abb29567b189efdbdb34cbf7ba851c2a58

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Linux
Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:10 Apr, 2024 | 18:56
Updated At:20 May, 2025 | 14:27
Rejected At:
▼CVE Numbering Authority (CNA)
tipc: check for null after calling kmemdup

In the Linux kernel, the following vulnerability has been resolved: tipc: check for null after calling kmemdup kmemdup can return a null pointer so need to check for it, otherwise the null key will be dereferenced later in tipc_crypto_key_xmit as can be seen in the trace [1]. [1] https://syzkaller.appspot.com/bug?id=bca180abb29567b189efdbdb34cbf7ba851c2a58

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • net/tipc/crypto.c
Default Status
unaffected
Versions
Affected
  • From 1ef6f7c9390ff5308c940ff8d0a53533a4673ad9 before a7d91625863d4ffed63b993b5e6dc1298b6430c9 (git)
  • From 1ef6f7c9390ff5308c940ff8d0a53533a4673ad9 before 9404c4145542c23019a80ab1bb2ecf73cd057b10 (git)
  • From 1ef6f7c9390ff5308c940ff8d0a53533a4673ad9 before 3e6db079751afd527bf3db32314ae938dc571916 (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • net/tipc/crypto.c
Default Status
affected
Versions
Affected
  • 5.10
Unaffected
  • From 0 before 5.10 (semver)
  • From 5.10.82 through 5.10.* (semver)
  • From 5.15.5 through 5.15.* (semver)
  • From 5.16 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9
N/A
https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10
N/A
https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916
N/A
Hyperlink: https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Linux Kernel Organization, Inclinux
Product
linux_kernel
CPEs
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 1da177e4c3f4 before a7d91625863d (custom)
  • From 1da177e4c3f4 before 9404c4145542 (custom)
  • From 1da177e4c3f4 before 3e6db079751a (custom)
Unaffected
  • From 5.10.82 through 5.11 (custom)
  • From 5.15.5 through 5.16 (custom)
  • 5.16
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9
x_transferred
https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10
x_transferred
https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916
x_transferred
Hyperlink: https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:10 Apr, 2024 | 19:15
Updated At:21 Feb, 2025 | 17:15

In the Linux kernel, the following vulnerability has been resolved: tipc: check for null after calling kmemdup kmemdup can return a null pointer so need to check for it, otherwise the null key will be dereferenced later in tipc_crypto_key_xmit as can be seen in the trace [1]. [1] https://syzkaller.appspot.com/bug?id=bca180abb29567b189efdbdb34cbf7ba851c2a58

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
CPE Matches
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916416baaa9-dc9f-4396-8d5f-8c081fb06d67
N/A
https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10416baaa9-dc9f-4396-8d5f-8c081fb06d67
N/A
https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9416baaa9-dc9f-4396-8d5f-8c081fb06d67
N/A
https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916af854a3a-2127-422b-91ae-364da2661108
N/A
https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10af854a3a-2127-422b-91ae-364da2661108
N/A
https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

0Records found
Details not found