In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix dereference of null pointer flow In the case where chain->flags & NFT_CHAIN_HW_OFFLOAD is false then nft_flow_rule_create is not called and flow is NULL. The subsequent error handling execution via label err_destroy_flow_rule will lead to a null pointer dereference on flow when calling nft_flow_rule_destroy. Since the error path to err_destroy_flow_rule has to cater for null and non-null flows, only call nft_flow_rule_destroy if flow is non-null to fix this issue. Addresses-Coverity: ("Explicity null dereference")
History

Tue, 05 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-21T14:35:29.963Z

Updated: 2024-12-19T07:39:30.564Z

Reserved: 2024-05-21T14:28:16.973Z

Link: CVE-2021-47312

cve-icon Vulnrichment

Updated: 2024-08-04T05:32:08.515Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-21T15:15:18.660

Modified: 2024-11-21T06:35:51.343

Link: CVE-2021-47312

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-05-21T00:00:00Z

Links: CVE-2021-47312 - Bugzilla