5.5

CVE-2021-47141

gve: Add NULL pointer checks when freeing irqs.

In the Linux kernel, the following vulnerability has been resolved:

gve: Add NULL pointer checks when freeing irqs.

When freeing notification blocks, we index priv->msix_vectors.
If we failed to allocate priv->msix_vectors (see abort_with_msix_vectors)
this could lead to a NULL pointer dereference if the driver is unloaded.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.3 < 5.4.124
LinuxLinux Kernel Version >= 5.5 < 5.10.42
LinuxLinux Kernel Version >= 5.11 < 5.12.9
LinuxLinux Kernel Version5.13 Updaterc1
LinuxLinux Kernel Version5.13 Updaterc2
LinuxLinux Kernel Version5.13 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.129
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/5218e919c8d06279884aa0baf76778a6817d5b93
Patch
https://git.kernel.org/stable/c/5278c75266c5094d3c0958793bf12fc90300e580
Patch
https://git.kernel.org/stable/c/821149ee88c206fa37e79c1868cc270518484876
Patch
https://git.kernel.org/stable/c/da21a35c00ff1a1794d4f166d3b3fa8db4d0f6fb
Patch