5.5
CVE-2021-47307
- EPSS 0.24%
- Veröffentlicht 21.05.2024 15:15:18
- Zuletzt bearbeitet 26.12.2024 18:44:19
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
cifs: prevent NULL deref in cifs_compose_mount_options()
In the Linux kernel, the following vulnerability has been resolved:
cifs: prevent NULL deref in cifs_compose_mount_options()
The optional @ref parameter might contain an NULL node_name, so
prevent dereferencing it in cifs_compose_mount_options().
Addresses-Coverity: 1476408 ("Explicit null dereferenced")Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.4.135
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.53
Linux ≫ Linux Kernel Version >= 5.11 < 5.13.5
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.142 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/03313d1c3a2f086bb60920607ab79ac8f8578306
https://git.kernel.org/stable/c/ae3d181f4e912f51af7776ea165f199b16fc165d
https://git.kernel.org/stable/c/e58c162789becede894d3e94c0ce6695a2ef5796
https://git.kernel.org/stable/c/f7d1fa65e74263d11f90ddd33b4d4cd905a93759