CVE-2021-47257

MEDIUM

Linux Kernel < 4.9.274 - NULL Pointer Dereference in IEEE 802.15.4 Device Address Parser

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type.

References (7)

Core 7

Core References

Patch

https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185

Patch

https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e

Patch

https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0

Patch

https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67

Patch

https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627

Patch

https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993

Patch

https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70

Scores

CVSS v3 5.5

EPSS 0.0023

EPSS Percentile 13.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (18)

Linux/Linux < 4.4

Linux/Linux 4.14.238 - 4.14.*

Linux/Linux 4.19.196 - 4.19.*

Linux/Linux 4.4

Linux/Linux 4.9.274 - 4.9.*

Linux/Linux 5.10.45 - 5.10.*

Linux/Linux 5.12.12 - 5.12.*

Linux/Linux 5.13

Linux/Linux 5.4.127 - 5.4.*

Linux/Linux a26c5fd7622d4951425131d54a8c99f076fe2068 - 1f95741981c899c4724647291fec5faa3c777185

... and 8 more

Published May 21, 2024

Tracked Since Feb 18, 2026