{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47257", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-04-10T18:59:19.540Z", "datePublished": "2024-05-21T14:19:51.445Z", "dateUpdated": "2024-08-04T05:32:08.048Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:04:48.230Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: fix null deref in parse dev addr\n\nFix a logic error that could result in a null deref if the user sets\nthe mode incorrectly for the given addr type."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ieee802154/nl802154.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "1f95741981c8", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "c6998ccfefa6", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "5f728ec65485", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "d0f47648b87b", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "c7836de2cadd", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "fdd51e34f453", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "9fdd04918a45", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ieee802154/nl802154.c"], "versions": [{"version": "4.9.274", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.14.238", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.196", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.127", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.45", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.12.12", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185"}, {"url": "https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e"}, {"url": "https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0"}, {"url": "https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67"}, {"url": "https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627"}, {"url": "https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993"}, {"url": "https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70"}], "title": "net: ieee802154: fix null deref in parse dev addr", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47257", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-31T18:51:05.818923Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:14:56.571Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:08.048Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:08.048Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47257", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-31T18:51:05.818923Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-31T18:51:09.713Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "net: ieee802154: fix null deref in parse dev addr", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "1f95741981c8", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "c6998ccfefa6", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "5f728ec65485", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "d0f47648b87b", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "c7836de2cadd", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "fdd51e34f453", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "9fdd04918a45", "versionType": "git"}], "programFiles": ["net/ieee802154/nl802154.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "4.9.274", "versionType": "custom", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.238", "versionType": "custom", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.196", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.127", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.45", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.12.12", "versionType": "custom", "lessThanOrEqual": "5.12.*"}, {"status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/ieee802154/nl802154.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185"}, {"url": "https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e"}, {"url": "https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0"}, {"url": "https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67"}, {"url": "https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627"}, {"url": "https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993"}, {"url": "https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: fix null deref in parse dev addr\n\nFix a logic error that could result in a null deref if the user sets\nthe mode incorrectly for the given addr type."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:04:48.230Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47257", "state": "PUBLISHED", "dateUpdated": "2024-08-04T05:32:08.048Z", "dateReserved": "2024-04-10T18:59:19.540Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-21T14:19:51.445Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: fix null deref in parse dev addr\n\nFix a logic error that could result in a null deref if the user sets\nthe mode incorrectly for the given addr type."}, {"lang": "es", "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: ieee802154: corrige el deref null en analizar dev addr. Se corrige un error l\u00f3gico que podr\u00eda resultar en un deref null si el usuario configura el modo incorrectamente para el tipo de direcci\u00f3n dado."}], "id": "CVE-2021-47257", "lastModified": "2024-05-21T16:54:26.047", "metrics": {}, "published": "2024-05-21T15:15:14.460", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:5102", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:5101", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.16.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}], "bugzilla": {"description": "kernel: net: ieee802154: fix null deref in parse dev addr", "id": "2282553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282553"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: ieee802154: fix null deref in parse dev addr\nFix a logic error that could result in a null deref if the user sets\nthe mode incorrectly for the given addr type."], "name": "CVE-2021-47257", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47257\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47257\nhttps://lore.kernel.org/linux-cve-announce/2024052146-CVE-2021-47257-1d1c@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 4.9.274, kernel 4.14.238, kernel 4.19.196, kernel 5.4.127, kernel 5.10.45, kernel 5.12.12, kernel 5.13"}