VDB

CISA-2021-47186

CISA-2021-47186 PUBLISHED

Reported by Linux · Published April 10, 2024

In the Linux kernel, the following vulnerability has been resolved: tipc: check for null after calling kmemdup kmemdup can return a null pointer so need to check for it, otherwise the null key will be dereferenced later in tipc_crypto_key_xmit as can be seen in the trace [1]. [1] https://syzkaller.appspot.com/bug?id=bca180abb29567b189efdbdb34cbf7ba851c2a58

Affected Products

VendorProductVersions
LinuxLinux1ef6f7c9390ff5308c940ff8d0a53533a4673ad9, 1ef6f7c9390ff5308c940ff8d0a53533a4673ad9, 1ef6f7c9390ff5308c940ff8d0a53533a4673ad9
LinuxLinux5.10, 0, 5.10.82
LinuxLinux5.16, 5.15.5, 1ef6f7c9390ff5308c940ff8d0a53533a4673ad9
linuxlinux_kernel1da177e4c3f4, 1da177e4c3f4, 5.10.82
linuxlinux_kernel5.10, 5.10, 5.10

Timeline

  • Apr 10, 2024 CVE Published
  • May 20, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›