CVE-2021-47002 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-47002 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix null pointer dereference in svc_rqst_free() When alloc_pages_node() returns null in svc_rqst_alloc(), the null rq_scratch_page pointer will be dereferenced when calling put_page() in svc_rqst_free(). Fix it by adding a null check. Addresses-Coverity: ("Dereference after null check")

EPSS 0.01% · 1.3th percentile

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.01%

1.3th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	5.10.220, 5.11, 5.11
Linux	Linux	5.12.5, 79e4e0d489c8e72b9efa388e504a036eec1550c6, 5.11.22

Timeline

Feb 28, 2024 CVE Published
Feb 29, 2024 EPSS Score
Feb 29, 2024 PoC Published
Mar 26, 2024 EPSS Score
Apr 21, 2024 EPSS Score
May 17, 2024 EPSS Score
Jun 13, 2024 EPSS Score
Jul 9, 2024 EPSS Score
Aug 4, 2024 EPSS Score
Aug 30, 2024 EPSS Score
Sep 25, 2024 EPSS Score
Oct 21, 2024 EPSS Score

References

Open in Interactive Console →