{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47184", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-25T09:12:14.112Z", "datePublished": "2024-04-10T18:56:25.037Z", "dateUpdated": "2024-12-19T07:36:59.724Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T07:36:59.724Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix NULL ptr dereference on VSI filter sync\n\nRemove the reason of null pointer dereference in sync VSI filters.\nAdded new I40E_VSI_RELEASING flag to signalize deleting and releasing\nof VSI resources to sync this thread with sync filters subtask.\nWithout this patch it is possible to start update the VSI filter list\nafter VSI is removed, that's causing a kernel oops."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/intel/i40e/i40e.h", "drivers/net/ethernet/intel/i40e/i40e_main.c"], "versions": [{"version": "41c445ff0f482bb6e6b72dcee9e598e20575f743", "lessThan": "78f2a9e831f9610e3655a0be5e675e1aa2472089", "status": "affected", "versionType": "git"}, {"version": "41c445ff0f482bb6e6b72dcee9e598e20575f743", "lessThan": "87c421ab4a43433cb009fea44bbbc77f46913e1d", "status": "affected", "versionType": "git"}, {"version": "41c445ff0f482bb6e6b72dcee9e598e20575f743", "lessThan": "c30162da91327e4cdf7cd03079f096bb3654738c", "status": "affected", "versionType": "git"}, {"version": "41c445ff0f482bb6e6b72dcee9e598e20575f743", "lessThan": "f866513ead4370402428ef724b03c3312295c178", "status": "affected", "versionType": "git"}, {"version": "41c445ff0f482bb6e6b72dcee9e598e20575f743", "lessThan": "e91e8427a1e1633a0261e3bb0201c836ac5b3890", "status": "affected", "versionType": "git"}, {"version": "41c445ff0f482bb6e6b72dcee9e598e20575f743", "lessThan": "37d9e304acd903a445df8208b8a13d707902dea6", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/intel/i40e/i40e.h", "drivers/net/ethernet/intel/i40e/i40e_main.c"], "versions": [{"version": "3.12", "status": "affected"}, {"version": "0", "lessThan": "3.12", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.256", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.218", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.162", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.82", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.5", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.16", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/78f2a9e831f9610e3655a0be5e675e1aa2472089"}, {"url": "https://git.kernel.org/stable/c/87c421ab4a43433cb009fea44bbbc77f46913e1d"}, {"url": "https://git.kernel.org/stable/c/c30162da91327e4cdf7cd03079f096bb3654738c"}, {"url": "https://git.kernel.org/stable/c/f866513ead4370402428ef724b03c3312295c178"}, {"url": "https://git.kernel.org/stable/c/e91e8427a1e1633a0261e3bb0201c836ac5b3890"}, {"url": "https://git.kernel.org/stable/c/37d9e304acd903a445df8208b8a13d707902dea6"}], "title": "i40e: Fix NULL ptr dereference on VSI filter sync", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47184", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-10T19:33:14.911867Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:13:59.992Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:07.468Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/78f2a9e831f9610e3655a0be5e675e1aa2472089", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/87c421ab4a43433cb009fea44bbbc77f46913e1d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c30162da91327e4cdf7cd03079f096bb3654738c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f866513ead4370402428ef724b03c3312295c178", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e91e8427a1e1633a0261e3bb0201c836ac5b3890", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/37d9e304acd903a445df8208b8a13d707902dea6", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/78f2a9e831f9610e3655a0be5e675e1aa2472089", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/87c421ab4a43433cb009fea44bbbc77f46913e1d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c30162da91327e4cdf7cd03079f096bb3654738c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f866513ead4370402428ef724b03c3312295c178", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e91e8427a1e1633a0261e3bb0201c836ac5b3890", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/37d9e304acd903a445df8208b8a13d707902dea6", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:07.468Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47184", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-10T19:33:14.911867Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:23.018Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "i40e: Fix NULL ptr dereference on VSI filter sync", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "41c445ff0f482bb6e6b72dcee9e598e20575f743", "lessThan": "78f2a9e831f9610e3655a0be5e675e1aa2472089", "versionType": "git"}, {"status": "affected", "version": "41c445ff0f482bb6e6b72dcee9e598e20575f743", "lessThan": "87c421ab4a43433cb009fea44bbbc77f46913e1d", "versionType": "git"}, {"status": "affected", "version": "41c445ff0f482bb6e6b72dcee9e598e20575f743", "lessThan": "c30162da91327e4cdf7cd03079f096bb3654738c", "versionType": "git"}, {"status": "affected", "version": "41c445ff0f482bb6e6b72dcee9e598e20575f743", "lessThan": "f866513ead4370402428ef724b03c3312295c178", "versionType": "git"}, {"status": "affected", "version": "41c445ff0f482bb6e6b72dcee9e598e20575f743", "lessThan": "e91e8427a1e1633a0261e3bb0201c836ac5b3890", "versionType": "git"}, {"status": "affected", "version": "41c445ff0f482bb6e6b72dcee9e598e20575f743", "lessThan": "37d9e304acd903a445df8208b8a13d707902dea6", "versionType": "git"}], "programFiles": ["drivers/net/ethernet/intel/i40e/i40e.h", "drivers/net/ethernet/intel/i40e/i40e_main.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3.12"}, {"status": "unaffected", "version": "0", "lessThan": "3.12", "versionType": "semver"}, {"status": "unaffected", "version": "4.14.256", "versionType": "semver", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.218", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.162", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.82", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.5", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/ethernet/intel/i40e/i40e.h", "drivers/net/ethernet/intel/i40e/i40e_main.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/78f2a9e831f9610e3655a0be5e675e1aa2472089"}, {"url": "https://git.kernel.org/stable/c/87c421ab4a43433cb009fea44bbbc77f46913e1d"}, {"url": "https://git.kernel.org/stable/c/c30162da91327e4cdf7cd03079f096bb3654738c"}, {"url": "https://git.kernel.org/stable/c/f866513ead4370402428ef724b03c3312295c178"}, {"url": "https://git.kernel.org/stable/c/e91e8427a1e1633a0261e3bb0201c836ac5b3890"}, {"url": "https://git.kernel.org/stable/c/37d9e304acd903a445df8208b8a13d707902dea6"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix NULL ptr dereference on VSI filter sync\n\nRemove the reason of null pointer dereference in sync VSI filters.\nAdded new I40E_VSI_RELEASING flag to signalize deleting and releasing\nof VSI resources to sync this thread with sync filters subtask.\nWithout this patch it is possible to start update the VSI filter list\nafter VSI is removed, that's causing a kernel oops."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T07:36:59.724Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47184", "state": "PUBLISHED", "dateUpdated": "2024-12-19T07:36:59.724Z", "dateReserved": "2024-03-25T09:12:14.112Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-10T18:56:25.037Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "41062222-AC0B-4048-99F9-23789C1574E8", "versionEndExcluding": "4.14.256", "versionStartIncluding": "3.12", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F85F433-5DEA-47D3-B07E-3B1AC474D6E0", "versionEndExcluding": "4.19.218", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "51A152D8-D5CE-47BD-9041-DEE164DCE99D", "versionEndExcluding": "5.4.162", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE501832-500C-4EF1-9489-5C13674F619D", "versionEndExcluding": "5.10.82", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2128A085-4C0C-4C1E-9E9C-0DD868E2170F", "versionEndExcluding": "5.15.5", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*", "matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix NULL ptr dereference on VSI filter sync\n\nRemove the reason of null pointer dereference in sync VSI filters.\nAdded new I40E_VSI_RELEASING flag to signalize deleting and releasing\nof VSI resources to sync this thread with sync filters subtask.\nWithout this patch it is possible to start update the VSI filter list\nafter VSI is removed, that's causing a kernel oops."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i40e: Corregir la desreferencia de puntero nulo en la sincronizaci\u00f3n de filtros VSI Eliminar el motivo de la desreferencia de puntero nulo en los filtros VSI de sincronizaci\u00f3n. Se ha a\u00f1adido el nuevo indicador I40E_VSI_RELEASING para se\u00f1alar la eliminaci\u00f3n y liberaci\u00f3n de recursos VSI para sincronizar este hilo con la subtarea de filtros de sincronizaci\u00f3n. Sin este parche, es posible comenzar a actualizar la lista de filtros VSI despu\u00e9s de que se elimine VSI, lo que provoca un error en el kernel."}], "id": "CVE-2021-47184", "lastModified": "2025-01-14T16:41:58.690", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-04-10T19:15:47.333", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/37d9e304acd903a445df8208b8a13d707902dea6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/78f2a9e831f9610e3655a0be5e675e1aa2472089"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/87c421ab4a43433cb009fea44bbbc77f46913e1d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c30162da91327e4cdf7cd03079f096bb3654738c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e91e8427a1e1633a0261e3bb0201c836ac5b3890"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f866513ead4370402428ef724b03c3312295c178"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/37d9e304acd903a445df8208b8a13d707902dea6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/78f2a9e831f9610e3655a0be5e675e1aa2472089"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/87c421ab4a43433cb009fea44bbbc77f46913e1d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c30162da91327e4cdf7cd03079f096bb3654738c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e91e8427a1e1633a0261e3bb0201c836ac5b3890"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f866513ead4370402428ef724b03c3312295c178"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: i40e: Fix NULL ptr dereference on VSI filter sync", "id": "2274625", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274625"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ni40e: Fix NULL ptr dereference on VSI filter sync\nRemove the reason of null pointer dereference in sync VSI filters.\nAdded new I40E_VSI_RELEASING flag to signalize deleting and releasing\nof VSI resources to sync this thread with sync filters subtask.\nWithout this patch it is possible to start update the VSI filter list\nafter VSI is removed, that's causing a kernel oops.", "A NULL pointer dereference flaw was found in the Linux kernel, in VSI filter sync. This may lead to a crash."], "name": "CVE-2021-47184", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47184\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47184"], "threat_severity": "Moderate", "upstream_fix": "kernel 4.14.256, kernel 4.19.218, kernel 5.4.162, kernel 5.10.82, kernel 5.15.5, kernel 5.16"}