CVE-2021-47223

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix vlan tunnel dst null pointer dereference This patch fixes a tunnel_dst null pointer dereference due to lockless access in the tunnel egress path. When deleting a vlan tunnel the tunnel_dst pointer is set to NULL without waiting a grace period (i.e. while it's still usable) and packets egressing are dereferencing it without checking. Use READ/WRITE_ONCE to annotate the lockless use of tunnel_id, use RCU for accessing tunnel_dst and make sure it is read only once and checked in the egress path. The dst is already properly RCU protected so we don't need to do anything fancy than to make sure tunnel_id and tunnel_dst are read only once and checked in the egress path.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/24a6e55f17aa123bc1fc54b7d3c410b41bc16530	Patch
https://git.kernel.org/stable/c/58e2071742e38f29f051b709a5cca014ba51166f	Patch
https://git.kernel.org/stable/c/a2241e62f6b4a774d8a92048fdf59c45f6c2fe5c	Patch
https://git.kernel.org/stable/c/abb02e05cb1c0a30dd873a29f33bc092067dc35d	Patch
https://git.kernel.org/stable/c/ad7feefe7164892db424c45687472db803d87f79	Patch
https://git.kernel.org/stable/c/fe0448a3fad365a747283a00a1d1ad5e8d6675b7	Patch
https://git.kernel.org/stable/c/24a6e55f17aa123bc1fc54b7d3c410b41bc16530	Patch
https://git.kernel.org/stable/c/58e2071742e38f29f051b709a5cca014ba51166f	Patch
https://git.kernel.org/stable/c/a2241e62f6b4a774d8a92048fdf59c45f6c2fe5c	Patch
https://git.kernel.org/stable/c/abb02e05cb1c0a30dd873a29f33bc092067dc35d	Patch
https://git.kernel.org/stable/c/ad7feefe7164892db424c45687472db803d87f79	Patch
https://git.kernel.org/stable/c/fe0448a3fad365a747283a00a1d1ad5e8d6675b7	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc1::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc2::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc3::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc4::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc5::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc6::::::

History

03 Feb 2025, 16:11

Type	Values Removed	Values Added
CWE		CWE-476
First Time		Linux linux Kernel Linux
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CPE		cpe:2.3:o:linux:linux_kernel:5.13:rc2:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc6:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:5.13:rc4:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc3:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc5:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc1::::::
References	~~() https://git.kernel.org/stable/c/24a6e55f17aa123bc1fc54b7d3c410b41bc16530 -~~	() https://git.kernel.org/stable/c/24a6e55f17aa123bc1fc54b7d3c410b41bc16530 - Patch
References	~~() https://git.kernel.org/stable/c/58e2071742e38f29f051b709a5cca014ba51166f -~~	() https://git.kernel.org/stable/c/58e2071742e38f29f051b709a5cca014ba51166f - Patch
References	~~() https://git.kernel.org/stable/c/a2241e62f6b4a774d8a92048fdf59c45f6c2fe5c -~~	() https://git.kernel.org/stable/c/a2241e62f6b4a774d8a92048fdf59c45f6c2fe5c - Patch
References	~~() https://git.kernel.org/stable/c/abb02e05cb1c0a30dd873a29f33bc092067dc35d -~~	() https://git.kernel.org/stable/c/abb02e05cb1c0a30dd873a29f33bc092067dc35d - Patch
References	~~() https://git.kernel.org/stable/c/ad7feefe7164892db424c45687472db803d87f79 -~~	() https://git.kernel.org/stable/c/ad7feefe7164892db424c45687472db803d87f79 - Patch
References	~~() https://git.kernel.org/stable/c/fe0448a3fad365a747283a00a1d1ad5e8d6675b7 -~~	() https://git.kernel.org/stable/c/fe0448a3fad365a747283a00a1d1ad5e8d6675b7 - Patch

Information

Published : 2024-05-21 15:15

Updated : 2025-02-03 16:11

NVD link : CVE-2021-47223

Mitre link : CVE-2021-47223

CVE.ORG link : CVE-2021-47223

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10