CVE-2021-47307 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL deref in cifs_compose_mount_options() The optional @ref parameter might contain an NULL node_name, so prevent dereferencing it in cifs_compose_mount_options(). Addresses-Coverity: 1476408 ("Explicit null dereferenced")

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

No data.

References

Link	Providers
https://git.kernel.org/stable/c/03313d1c3a2f086bb60920607ab79ac8f8578306
https://git.kernel.org/stable/c/ae3d181f4e912f51af7776ea165f199b16fc165d
https://git.kernel.org/stable/c/e58c162789becede894d3e94c0ce6695a2ef5796
https://git.kernel.org/stable/c/f7d1fa65e74263d11f90ddd33b4d4cd905a93759
https://lore.kernel.org/linux-cve-announce/2024052127-CVE-2021-47307-f8a6@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2021-47307
https://www.cve.org/CVERecord?id=CVE-2021-47307

History

Thu, 26 Dec 2024 19:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
Metrics	cvssV3_1 `{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Tue, 05 Nov 2024 08:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-21T14:35:26.667Z

Updated: 2024-12-19T07:39:24.852Z

Reserved: 2024-05-21T13:27:52.133Z

Link: CVE-2021-47307

Vulnrichment

Updated: 2024-08-04T05:32:08.503Z

NVD

Status : Analyzed

Published: 2024-05-21T15:15:18.320

Modified: 2024-12-26T18:44:19.590

Link: CVE-2021-47307

Redhat

Severity : Moderate

Publid Date: 2024-05-21T00:00:00Z

Links: CVE-2021-47307 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47307", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T13:27:52.133Z", "datePublished": "2024-05-21T14:35:26.667Z", "dateUpdated": "2024-12-19T07:39:24.852Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T07:39:24.852Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: prevent NULL deref in cifs_compose_mount_options()\n\nThe optional @ref parameter might contain an NULL node_name, so\nprevent dereferencing it in cifs_compose_mount_options().\n\nAddresses-Coverity: 1476408 (\"Explicit null dereferenced\")"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/cifs/cifs_dfs_ref.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "f7d1fa65e74263d11f90ddd33b4d4cd905a93759", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "e58c162789becede894d3e94c0ce6695a2ef5796", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "ae3d181f4e912f51af7776ea165f199b16fc165d", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "03313d1c3a2f086bb60920607ab79ac8f8578306", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/cifs/cifs_dfs_ref.c"], "versions": [{"version": "5.4.135", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.53", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13.5", "lessThanOrEqual": "5.13.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.14", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/f7d1fa65e74263d11f90ddd33b4d4cd905a93759"}, {"url": "https://git.kernel.org/stable/c/e58c162789becede894d3e94c0ce6695a2ef5796"}, {"url": "https://git.kernel.org/stable/c/ae3d181f4e912f51af7776ea165f199b16fc165d"}, {"url": "https://git.kernel.org/stable/c/03313d1c3a2f086bb60920607ab79ac8f8578306"}], "title": "cifs: prevent NULL deref in cifs_compose_mount_options()", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-12T15:23:12.230114Z", "id": "CVE-2021-47307", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T15:23:18.690Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:08.503Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/f7d1fa65e74263d11f90ddd33b4d4cd905a93759", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e58c162789becede894d3e94c0ce6695a2ef5796", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ae3d181f4e912f51af7776ea165f199b16fc165d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/03313d1c3a2f086bb60920607ab79ac8f8578306", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/f7d1fa65e74263d11f90ddd33b4d4cd905a93759", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e58c162789becede894d3e94c0ce6695a2ef5796", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ae3d181f4e912f51af7776ea165f199b16fc165d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/03313d1c3a2f086bb60920607ab79ac8f8578306", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:08.503Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47307", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-12T15:23:12.230114Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T15:23:16.008Z"}}], "cna": {"title": "cifs: prevent NULL deref in cifs_compose_mount_options()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "f7d1fa65e742", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "e58c162789be", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "ae3d181f4e91", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "03313d1c3a2f", "versionType": "git"}], "programFiles": ["fs/cifs/cifs_dfs_ref.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "5.4.135", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.53", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.13.5", "versionType": "semver", "lessThanOrEqual": "5.13.*"}, {"status": "unaffected", "version": "5.14", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["fs/cifs/cifs_dfs_ref.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/f7d1fa65e74263d11f90ddd33b4d4cd905a93759"}, {"url": "https://git.kernel.org/stable/c/e58c162789becede894d3e94c0ce6695a2ef5796"}, {"url": "https://git.kernel.org/stable/c/ae3d181f4e912f51af7776ea165f199b16fc165d"}, {"url": "https://git.kernel.org/stable/c/03313d1c3a2f086bb60920607ab79ac8f8578306"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: prevent NULL deref in cifs_compose_mount_options()\n\nThe optional @ref parameter might contain an NULL node_name, so\nprevent dereferencing it in cifs_compose_mount_options().\n\nAddresses-Coverity: 1476408 (\"Explicit null dereferenced\")"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T12:03:24.109Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47307", "state": "PUBLISHED", "dateUpdated": "2024-11-04T12:03:24.109Z", "dateReserved": "2024-05-21T13:27:52.133Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-21T14:35:26.667Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A710000A-275C-4C73-8384-4FDF4204C682", "versionEndExcluding": "5.4.135", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "08E2D438-D50E-43C5-AF10-D62FE49B5815", "versionEndExcluding": "5.10.53", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "808DF8D9-4913-4CC7-B91F-B4146556B7ED", "versionEndExcluding": "5.13.5", "versionStartIncluding": "5.11", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: prevent NULL deref in cifs_compose_mount_options()\n\nThe optional @ref parameter might contain an NULL node_name, so\nprevent dereferencing it in cifs_compose_mount_options().\n\nAddresses-Coverity: 1476408 (\"Explicit null dereferenced\")"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cifs: evita la eliminaci\u00f3n de desreferencias NULL en cifs_compose_mount_options() El par\u00e1metro @ref opcional puede contener un nombre de nodo NULL, por lo que se debe evitar eliminar la referencia a \u00e9l en cifs_compose_mount_options(). Direcciones-Cobertura: 1476408 (\"Nulo expl\u00edcito desreferenciado\")"}], "id": "CVE-2021-47307", "lastModified": "2024-12-26T18:44:19.590", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-21T15:15:18.320", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/03313d1c3a2f086bb60920607ab79ac8f8578306"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ae3d181f4e912f51af7776ea165f199b16fc165d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e58c162789becede894d3e94c0ce6695a2ef5796"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f7d1fa65e74263d11f90ddd33b4d4cd905a93759"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/03313d1c3a2f086bb60920607ab79ac8f8578306"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ae3d181f4e912f51af7776ea165f199b16fc165d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e58c162789becede894d3e94c0ce6695a2ef5796"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f7d1fa65e74263d11f90ddd33b4d4cd905a93759"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: cifs: prevent NULL deref in cifs_compose_mount_options()", "id": "2282475", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282475"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ncifs: prevent NULL deref in cifs_compose_mount_options()\nThe optional @ref parameter might contain an NULL node_name, so\nprevent dereferencing it in cifs_compose_mount_options().\nAddresses-Coverity: 1476408 (\"Explicit null dereferenced\")", "A vulnerability was found in the Linux kernel's CIFS module, where the cifs_compose_mount_options() function can dereference a NULL pointer if it encounters a NULL node_name parameter. This issue could potentially lead to system crash or unexpected behavior due to the improper handling of null values."], "mitigation": {"lang": "en:us", "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."}, "name": "CVE-2021-47307", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47307\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47307\nhttps://lore.kernel.org/linux-cve-announce/2024052127-CVE-2021-47307-f8a6@gregkh/T"], "statement": "This vulnerability is rated as a moderate severity because the risk arises from the possibility of NULL pointer dereferencing, which can cause crashes or instability in the CIFS filesystem handling, it does not directly expose sensitive information or allow unauthorized access.", "threat_severity": "Moderate", "upstream_fix": "kernel 5.4.135, kernel 5.10.53, kernel 5.13.5, kernel 5.14"}