Vulnerability Details :

CVE-2021-47353

Summary
Assigner: Linux
Assigner Org ID: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At: 21 May, 2024 | 14:35
Updated At: 04 May, 2025 | 07:09

udf: Fix NULL pointer dereference in udf_symlink function

In the Linux kernel, the following vulnerability has been resolved:

udf: Fix NULL pointer dereference in udf_symlink function

In function udf_symlink, epos.bh is assigned with the value returned by udf_tgetblk. The function udf_tgetblk is defined in udf/misc.c and returns the value of sb_getblk function that could be NULL. Then, epos.bh is used without any check, causing a possible NULL pointer dereference when sb_getblk fails.

This fix adds a check to validate the value of epos.bh.

▼Common Vulnerabilities and Exposures (CVE)
cve.org
▼CVE Numbering Authority (CNA)

Affected Products
Vendor
Linux Kernel Organization, Inc / Linux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • fs/udf/namei.c
Default Status
unaffected
Versions
Affected
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 2f3d9ddd32a28803baa547e6274983b67d5e287c (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 371566f63cbd0bb6fbb25b8fe9d5798268d35af9 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before baea588a42d675e35daeaddd10fbc9700550bc4d (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 3638705ecd5ad2785e996f820121c0ad15ce64b5 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 80d505aee6398cf8beb72475c7edcf1733c1c68b (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 21bf1414580c36ffc8d8de043beb3508cf812238 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before aebed6b19e51a34003d998da5ebb1dfdd2cb1d02 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 5150877e4d99f85057a458daac7cd7c01005d5c6 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before fa236c2b2d4436d9f19ee4e5d5924e90ffd7bb43 (git)
Vendor
Linux Kernel Organization, Inc / Linux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • fs/udf/namei.c
Default Status
affected
Versions
Unaffected
  • From 4.4.276 through 4.4.* (semver)
  • From 4.9.276 through 4.9.* (semver)
  • From 4.14.240 through 4.14.* (semver)
  • From 4.19.198 through 4.19.* (semver)
  • From 5.4.133 through 5.4.* (semver)
  • From 5.10.51 through 5.10.* (semver)
  • From 5.12.18 through 5.12.* (semver)
  • From 5.13.3 through 5.13.* (semver)
  • From 5.14 through * (original_commit_for_fix)
References
Hyperlink | Resource
https://git.kernel.org/stable/c/2f3d9ddd32a28803baa547e6274983b67d5e287c | N/A
https://git.kernel.org/stable/c/371566f63cbd0bb6fbb25b8fe9d5798268d35af9 | N/A
https://git.kernel.org/stable/c/baea588a42d675e35daeaddd10fbc9700550bc4d | N/A
https://git.kernel.org/stable/c/3638705ecd5ad2785e996f820121c0ad15ce64b5 | N/A
https://git.kernel.org/stable/c/80d505aee6398cf8beb72475c7edcf1733c1c68b | N/A
https://git.kernel.org/stable/c/21bf1414580c36ffc8d8de043beb3508cf812238 | N/A
https://git.kernel.org/stable/c/aebed6b19e51a34003d998da5ebb1dfdd2cb1d02 | N/A
https://git.kernel.org/stable/c/5150877e4d99f85057a458daac7cd7c01005d5c6 | N/A
https://git.kernel.org/stable/c/fa236c2b2d4436d9f19ee4e5d5924e90ffd7bb43 | N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
2. CVE Program Container
References
Hyperlink | Resource
https://git.kernel.org/stable/c/2f3d9ddd32a28803baa547e6274983b67d5e287c | x_transferred
https://git.kernel.org/stable/c/371566f63cbd0bb6fbb25b8fe9d5798268d35af9 | x_transferred
https://git.kernel.org/stable/c/baea588a42d675e35daeaddd10fbc9700550bc4d | x_transferred
https://git.kernel.org/stable/c/3638705ecd5ad2785e996f820121c0ad15ce64b5 | x_transferred
https://git.kernel.org/stable/c/80d505aee6398cf8beb72475c7edcf1733c1c68b | x_transferred
https://git.kernel.org/stable/c/21bf1414580c36ffc8d8de043beb3508cf812238 | x_transferred
https://git.kernel.org/stable/c/aebed6b19e51a34003d998da5ebb1dfdd2cb1d02 | x_transferred
https://git.kernel.org/stable/c/5150877e4d99f85057a458daac7cd7c01005d5c6 | x_transferred
https://git.kernel.org/stable/c/fa236c2b2d4436d9f19ee4e5d5924e90ffd7bb43 | x_transferred
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:21 May, 2024 | 15:15
Updated At:24 Dec, 2024 | 16:11


Metrics
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CPE Matches

Vendor: Linux Kernel Organization, Inc (linux)
Product: linux_kernel
CPE: cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching version ranges:
  • Versions before 4.4.276 (exclusive)
  • Versions from 4.5 (inclusive) to 4.9.276 (exclusive)
  • Versions from 4.10 (inclusive) to 4.14.240 (exclusive)
  • Versions from 4.15 (inclusive) to 4.19.198 (exclusive)
  • Versions from 4.20 (inclusive) to 5.4.133 (exclusive)
  • Versions from 5.5 (inclusive) to 5.10.51 (exclusive)
  • Versions from 5.11 (inclusive) to 5.12.18 (exclusive)
  • Versions from 5.13 (inclusive) to 5.13.3 (exclusive)
Weaknesses
CWE ID: CWE-476
Type: Primary
Source: nvd@nist.gov
References
Hyperlink | Source | Resource
https://git.kernel.org/stable/c/21bf1414580c36ffc8d8de043beb3508cf812238 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Patch
https://git.kernel.org/stable/c/2f3d9ddd32a28803baa547e6274983b67d5e287c | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Patch
https://git.kernel.org/stable/c/3638705ecd5ad2785e996f820121c0ad15ce64b5 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Patch
https://git.kernel.org/stable/c/371566f63cbd0bb6fbb25b8fe9d5798268d35af9 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Patch
https://git.kernel.org/stable/c/5150877e4d99f85057a458daac7cd7c01005d5c6 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Patch
https://git.kernel.org/stable/c/80d505aee6398cf8beb72475c7edcf1733c1c68b | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Patch
https://git.kernel.org/stable/c/aebed6b19e51a34003d998da5ebb1dfdd2cb1d02 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Patch
https://git.kernel.org/stable/c/baea588a42d675e35daeaddd10fbc9700550bc4d | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Patch
https://git.kernel.org/stable/c/fa236c2b2d4436d9f19ee4e5d5924e90ffd7bb43 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Patch
https://git.kernel.org/stable/c/21bf1414580c36ffc8d8de043beb3508cf812238 | af854a3a-2127-422b-91ae-364da2661108 | Patch
https://git.kernel.org/stable/c/2f3d9ddd32a28803baa547e6274983b67d5e287c | af854a3a-2127-422b-91ae-364da2661108 | Patch
https://git.kernel.org/stable/c/3638705ecd5ad2785e996f820121c0ad15ce64b5 | af854a3a-2127-422b-91ae-364da2661108 | Patch
https://git.kernel.org/stable/c/371566f63cbd0bb6fbb25b8fe9d5798268d35af9 | af854a3a-2127-422b-91ae-364da2661108 | Patch
https://git.kernel.org/stable/c/5150877e4d99f85057a458daac7cd7c01005d5c6 | af854a3a-2127-422b-91ae-364da2661108 | Patch
https://git.kernel.org/stable/c/80d505aee6398cf8beb72475c7edcf1733c1c68b | af854a3a-2127-422b-91ae-364da2661108 | Patch
https://git.kernel.org/stable/c/aebed6b19e51a34003d998da5ebb1dfdd2cb1d02 | af854a3a-2127-422b-91ae-364da2661108 | Patch
https://git.kernel.org/stable/c/baea588a42d675e35daeaddd10fbc9700550bc4d | af854a3a-2127-422b-91ae-364da2661108 | Patch
https://git.kernel.org/stable/c/fa236c2b2d4436d9f19ee4e5d5924e90ffd7bb43 | af854a3a-2127-422b-91ae-364da2661108 | Patch
