CVE-2021-47501

MEDIUM

Linux Kernel - NULL Pointer Dereference in i40e_dbg_dump_desc

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc When trying to dump VFs VSI RX/TX descriptors using debugfs there was a crash due to NULL pointer dereference in i40e_dbg_dump_desc. Added a check to i40e_dbg_dump_desc that checks if VSI type is correct for dumping RX/TX descriptors.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/e5b7fb2198abc50058f1a29c395b004f76ab1c83

Patch

https://git.kernel.org/stable/c/16431e442db248ecd8aa9457cf0a656f1885f56e

Patch

https://git.kernel.org/stable/c/23ec111bf3549aae37140330c31a16abfc172421

Scores

CVSS v3 5.5

EPSS 0.0024

EPSS Percentile 15.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (10)

Linux/Linux < 3.12

Linux/Linux 02e9c290814cc143ceccecb14eac3e7a05da745e - 16431e442db248ecd8aa9457cf0a656f1885f56e

Linux/Linux 02e9c290814cc143ceccecb14eac3e7a05da745e - 23ec111bf3549aae37140330c31a16abfc172421

Linux/Linux 02e9c290814cc143ceccecb14eac3e7a05da745e - e5b7fb2198abc50058f1a29c395b004f76ab1c83

Linux/Linux 3.12

Linux/Linux 5.10.85 - 5.10.*

Linux/Linux 5.15.8 - 5.15.*

Linux/Linux 5.16

linux/linux_kernel 5.16 rc1 (4 CPE variants)

linux/linux_kernel 3.12 - 5.10.85

Published May 24, 2024

Tracked Since Feb 18, 2026