5.5
CVE-2021-47141
- EPSS 0.23%
- Veröffentlicht 25.03.2024 09:15:08
- Zuletzt bearbeitet 20.12.2024 13:52:15
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
gve: Add NULL pointer checks when freeing irqs.
In the Linux kernel, the following vulnerability has been resolved: gve: Add NULL pointer checks when freeing irqs. When freeing notification blocks, we index priv->msix_vectors. If we failed to allocate priv->msix_vectors (see abort_with_msix_vectors) this could lead to a NULL pointer dereference if the driver is unloaded.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.3 < 5.4.124
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.42
Linux ≫ Linux Kernel Version >= 5.11 < 5.12.9
Linux ≫ Linux Kernel Version5.13 Updaterc1
Linux ≫ Linux Kernel Version5.13 Updaterc2
Linux ≫ Linux Kernel Version5.13 Updaterc3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.129 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/5218e919c8d06279884aa0baf76778a6817d5b93
https://git.kernel.org/stable/c/5278c75266c5094d3c0958793bf12fc90300e580
https://git.kernel.org/stable/c/821149ee88c206fa37e79c1868cc270518484876
https://git.kernel.org/stable/c/da21a35c00ff1a1794d4f166d3b3fa8db4d0f6fb