VDB

CVE-2021-47002

CVE-2021-47002 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix null pointer dereference in svc_rqst_free() When alloc_pages_node() returns null in svc_rqst_alloc(), the null rq_scratch_page pointer will be dereferenced when calling put_page() in svc_rqst_free(). Fix it by adding a null check. Addresses-Coverity: ("Dereference after null check")

EPSS 0.01% · 1.5th percentile

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.01%
1.5th percentile

Affected Products

VendorProductVersions
linuxlinux_kernel5.10.220, 5.11, 5.11
LinuxLinux79e4e0d489c8e72b9efa388e504a036eec1550c6, 5191955d6fc65e6d4efe8f4f10a6028298f57281, 5191955d6fc65e6d4efe8f4f10a6028298f57281

Timeline

  • Feb 28, 2024 CVE Published
  • Feb 29, 2024 EPSS Score
  • Feb 29, 2024 PoC Published
  • Mar 27, 2024 EPSS Score
  • Apr 22, 2024 EPSS Score
  • May 19, 2024 EPSS Score
  • Jun 15, 2024 EPSS Score
  • Jul 12, 2024 EPSS Score
  • Aug 7, 2024 EPSS Score
  • Sep 3, 2024 EPSS Score
  • Sep 29, 2024 EPSS Score
  • Oct 26, 2024 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›