{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47316", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T14:28:16.973Z", "datePublished": "2024-05-21T14:35:32.564Z", "dateUpdated": "2024-12-19T07:39:35.261Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T07:39:35.261Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix NULL dereference in nfs3svc_encode_getaclres\n\nIn error cases the dentry may be NULL.\n\nBefore 20798dfe249a, the encoder also checked dentry and\nd_really_is_positive(dentry), but that looks like overkill to me--zero\nstatus should be enough to guarantee a positive dentry.\n\nThis isn't the first time we've seen an error-case NULL dereference\nhidden in the initialization of a local variable in an xdr encoder. But\nI went back through the other recent rewrites and didn't spot any\nsimilar bugs."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/nfsd/nfs3acl.c"], "versions": [{"version": "d505e66191072748620fc0af038cea4e4da0e3cd", "lessThan": "e79057d15d96ef19de4de6d7e479bae3d58a2a8d", "status": "affected", "versionType": "git"}, {"version": "20798dfe249a01ad1b12eec7dbc572db5003244a", "lessThan": "650e6f383a6eb40f7c0a010982a74ab4b6893870", "status": "affected", "versionType": "git"}, {"version": "20798dfe249a01ad1b12eec7dbc572db5003244a", "lessThan": "ab1016d39cc052064e32f25ad18ef8767a0ee3b8", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/nfsd/nfs3acl.c"], "versions": [{"version": "5.13", "status": "affected"}, {"version": "0", "lessThan": "5.13", "status": "unaffected", "versionType": "semver"}, {"version": "5.13.4", "lessThanOrEqual": "5.13.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.14", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/e79057d15d96ef19de4de6d7e479bae3d58a2a8d"}, {"url": "https://git.kernel.org/stable/c/650e6f383a6eb40f7c0a010982a74ab4b6893870"}, {"url": "https://git.kernel.org/stable/c/ab1016d39cc052064e32f25ad18ef8767a0ee3b8"}], "title": "nfsd: fix NULL dereference in nfs3svc_encode_getaclres", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47316", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-21T18:45:04.809482Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:13:36.645Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:08.599Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e79057d15d96ef19de4de6d7e479bae3d58a2a8d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/650e6f383a6eb40f7c0a010982a74ab4b6893870", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ab1016d39cc052064e32f25ad18ef8767a0ee3b8", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e79057d15d96ef19de4de6d7e479bae3d58a2a8d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/650e6f383a6eb40f7c0a010982a74ab4b6893870", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ab1016d39cc052064e32f25ad18ef8767a0ee3b8", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:08.599Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47316", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-21T18:45:04.809482Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:25.477Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "nfsd: fix NULL dereference in nfs3svc_encode_getaclres", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "d505e6619107", "lessThan": "e79057d15d96", "versionType": "git"}, {"status": "affected", "version": "20798dfe249a", "lessThan": "650e6f383a6e", "versionType": "git"}, {"status": "affected", "version": "20798dfe249a", "lessThan": "ab1016d39cc0", "versionType": "git"}], "programFiles": ["fs/nfsd/nfs3acl.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.13"}, {"status": "unaffected", "version": "0", "lessThan": "5.13", "versionType": "semver"}, {"status": "unaffected", "version": "5.13.4", "versionType": "semver", "lessThanOrEqual": "5.13.*"}, {"status": "unaffected", "version": "5.14", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["fs/nfsd/nfs3acl.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/e79057d15d96ef19de4de6d7e479bae3d58a2a8d"}, {"url": "https://git.kernel.org/stable/c/650e6f383a6eb40f7c0a010982a74ab4b6893870"}, {"url": "https://git.kernel.org/stable/c/ab1016d39cc052064e32f25ad18ef8767a0ee3b8"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix NULL dereference in nfs3svc_encode_getaclres\n\nIn error cases the dentry may be NULL.\n\nBefore 20798dfe249a, the encoder also checked dentry and\nd_really_is_positive(dentry), but that looks like overkill to me--zero\nstatus should be enough to guarantee a positive dentry.\n\nThis isn't the first time we've seen an error-case NULL dereference\nhidden in the initialization of a local variable in an xdr encoder. But\nI went back through the other recent rewrites and didn't spot any\nsimilar bugs."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T12:03:33.502Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47316", "state": "PUBLISHED", "dateUpdated": "2024-11-04T12:03:33.502Z", "dateReserved": "2024-05-21T14:28:16.973Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-21T14:35:32.564Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F93FA3CC-0C79-410B-A7D7-245C2AA0723A", "versionEndExcluding": "5.13.4", "versionStartIncluding": "5.13", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix NULL dereference in nfs3svc_encode_getaclres\n\nIn error cases the dentry may be NULL.\n\nBefore 20798dfe249a, the encoder also checked dentry and\nd_really_is_positive(dentry), but that looks like overkill to me--zero\nstatus should be enough to guarantee a positive dentry.\n\nThis isn't the first time we've seen an error-case NULL dereference\nhidden in the initialization of a local variable in an xdr encoder. But\nI went back through the other recent rewrites and didn't spot any\nsimilar bugs."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfsd: corrige la desreferencia NULL en nfs3svc_encode_getaclres. En casos de error, la dentry puede ser NULL. Antes de 20798dfe249a, el codificador tambi\u00e9n verificaba dentry y d_really_is_positive(dentry), pero eso me parece excesivo: el estado cero deber\u00eda ser suficiente para garantizar un dentry positivo. Esta no es la primera vez que vemos una desreferencia NULL de caso de error oculta en la inicializaci\u00f3n de una variable local en un codificador xdr. Pero revis\u00e9 las otras reescrituras recientes y no encontr\u00e9 ning\u00fan error similar."}], "id": "CVE-2021-47316", "lastModified": "2024-12-24T16:28:58.957", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-21T15:15:18.940", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/650e6f383a6eb40f7c0a010982a74ab4b6893870"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ab1016d39cc052064e32f25ad18ef8767a0ee3b8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e79057d15d96ef19de4de6d7e479bae3d58a2a8d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/650e6f383a6eb40f7c0a010982a74ab4b6893870"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ab1016d39cc052064e32f25ad18ef8767a0ee3b8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e79057d15d96ef19de4de6d7e479bae3d58a2a8d"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: nfsd: fix NULL dereference in nfs3svc_encode_getaclres", "id": "2282464", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282464"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnfsd: fix NULL dereference in nfs3svc_encode_getaclres\nIn error cases the dentry may be NULL.\nBefore 20798dfe249a, the encoder also checked dentry and\nd_really_is_positive(dentry), but that looks like overkill to me--zero\nstatus should be enough to guarantee a positive dentry.\nThis isn't the first time we've seen an error-case NULL dereference\nhidden in the initialization of a local variable in an xdr encoder. But\nI went back through the other recent rewrites and didn't spot any\nsimilar bugs.", "A vulnerability was found in the nfs3svc_encode_getaclres function in the Linux kernel's NFS server, where the function may encounter a NULL pointer for a directory entry (dentry), which can lead to a system crash or instability when accessed improperly."], "mitigation": {"lang": "en:us", "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."}, "name": "CVE-2021-47316", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47316\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47316\nhttps://lore.kernel.org/linux-cve-announce/2024052130-CVE-2021-47316-e2c2@gregkh/T"], "statement": "This vulnerability is rated as a moderate severity because it does not allow unauthorized access, but can cause a NULL dereference that may crash the NFS service, disrupting file system operations.", "threat_severity": "Moderate", "upstream_fix": "kernel 5.13.4, kernel 5.14"}