cve-2021-47572
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-12-19 07:45
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled (!CONFIG_IPV6) we'll hit a NULL pointer dereference[1] in the error path of nh_create_ipv6() due to calling ipv6_stub->fib6_nh_release. The bug has been present since the beginning of IPv6 nexthop gateway support. Commit 1aefd3de7bc6 ("ipv6: Add fib6_nh_init and release to stubs") tells us that only fib6_nh_init has a dummy stub because fib6_nh_release should not be called if fib6_nh_init returns an error, but the commit below added a call to ipv6_stub->fib6_nh_release in its error path. To fix it return the dummy stub's -EAFNOSUPPORT error directly without calling ipv6_stub->fib6_nh_release in nh_create_ipv6()'s error path. [1] Output is a bit truncated, but it clearly shows the error. BUG: kernel NULL pointer dereference, address: 000000000000000000 #PF: supervisor instruction fetch in kernel modede #PF: error_code(0x0010) - not-present pagege PGD 0 P4D 0 Oops: 0010 [#1] PREEMPT SMP NOPTI CPU: 4 PID: 638 Comm: ip Kdump: loaded Not tainted 5.16.0-rc1+ #446 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/01/2014 RIP: 0010:0x0 Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. RSP: 0018:ffff888109f5b8f0 EFLAGS: 00010286^Ac RAX: 0000000000000000 RBX: ffff888109f5ba28 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881008a2860 RBP: ffff888109f5b9d8 R08: 0000000000000000 R09: 0000000000000000 R10: ffff888109f5b978 R11: ffff888109f5b948 R12: 00000000ffffff9f R13: ffff8881008a2a80 R14: ffff8881008a2860 R15: ffff8881008a2840 FS: 00007f98de70f100(0000) GS:ffff88822bf00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 0000000100efc000 CR4: 00000000000006e0 Call Trace: <TASK> nh_create_ipv6+0xed/0x10c rtm_new_nexthop+0x6d7/0x13f3 ? check_preemption_disabled+0x3d/0xf2 ? lock_is_held_type+0xbe/0xfd rtnetlink_rcv_msg+0x23f/0x26a ? check_preemption_disabled+0x3d/0xf2 ? rtnl_calcit.isra.0+0x147/0x147 netlink_rcv_skb+0x61/0xb2 netlink_unicast+0x100/0x187 netlink_sendmsg+0x37f/0x3a0 ? netlink_unicast+0x187/0x187 sock_sendmsg_nosec+0x67/0x9b ____sys_sendmsg+0x19d/0x1f9 ? copy_msghdr_from_user+0x4c/0x5e ? rcu_read_lock_any_held+0x2a/0x78 ___sys_sendmsg+0x6c/0x8c ? asm_sysvec_apic_timer_interrupt+0x12/0x20 ? lockdep_hardirqs_on+0xd9/0x102 ? sockfd_lookup_light+0x69/0x99 __sys_sendmsg+0x50/0x6e do_syscall_64+0xcb/0xf2 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f98dea28914 Code: 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b5 0f 1f 80 00 00 00 00 48 8d 05 e9 5d 0c 00 8b 00 85 c0 75 13 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 41 54 41 89 d4 55 48 89 f5 53 RSP: 002b:00007fff859f5e68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e2e RAX: ffffffffffffffda RBX: 00000000619cb810 RCX: 00007f98dea28914 RDX: 0000000000000000 RSI: 00007fff859f5ed0 RDI: 0000000000000003 RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000008 R10: fffffffffffffce6 R11: 0000000000000246 R12: 0000000000000001 R13: 000055c0097ae520 R14: 000055c0097957fd R15: 00007fff859f63a0 </TASK> Modules linked in: bridge stp llc bonding virtio_net
Impacted products
Vendor Product Version
Linux Linux Version: 5.3
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.779Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7b6f44856da5ba0b1aa61403eb9fddd272156503"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b70ff391deeec35cdd8a05f5f63f5fe28bc4f225"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/39509d76a9a3d02f379d52cb4b1449469c56c0e0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1c743127cc54b112b155f434756bd4b5fa565a99"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47572",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:35:07.855330Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:19.470Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/nexthop.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7b6f44856da5ba0b1aa61403eb9fddd272156503",
              "status": "affected",
              "version": "53010f991a9f5e4ed2db705ddde6ff32709192a2",
              "versionType": "git"
            },
            {
              "lessThan": "b70ff391deeec35cdd8a05f5f63f5fe28bc4f225",
              "status": "affected",
              "version": "53010f991a9f5e4ed2db705ddde6ff32709192a2",
              "versionType": "git"
            },
            {
              "lessThan": "39509d76a9a3d02f379d52cb4b1449469c56c0e0",
              "status": "affected",
              "version": "53010f991a9f5e4ed2db705ddde6ff32709192a2",
              "versionType": "git"
            },
            {
              "lessThan": "1c743127cc54b112b155f434756bd4b5fa565a99",
              "status": "affected",
              "version": "53010f991a9f5e4ed2db705ddde6ff32709192a2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/nexthop.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.3"
            },
            {
              "lessThan": "5.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.163",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.83",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nexthop: fix null pointer dereference when IPv6 is not enabled\n\nWhen we try to add an IPv6 nexthop and IPv6 is not enabled\n(!CONFIG_IPV6) we\u0027ll hit a NULL pointer dereference[1] in the error path\nof nh_create_ipv6() due to calling ipv6_stub-\u003efib6_nh_release. The bug\nhas been present since the beginning of IPv6 nexthop gateway support.\nCommit 1aefd3de7bc6 (\"ipv6: Add fib6_nh_init and release to stubs\") tells\nus that only fib6_nh_init has a dummy stub because fib6_nh_release should\nnot be called if fib6_nh_init returns an error, but the commit below added\na call to ipv6_stub-\u003efib6_nh_release in its error path. To fix it return\nthe dummy stub\u0027s -EAFNOSUPPORT error directly without calling\nipv6_stub-\u003efib6_nh_release in nh_create_ipv6()\u0027s error path.\n\n[1]\n Output is a bit truncated, but it clearly shows the error.\n BUG: kernel NULL pointer dereference, address: 000000000000000000\n #PF: supervisor instruction fetch in kernel modede\n #PF: error_code(0x0010) - not-present pagege\n PGD 0 P4D 0\n Oops: 0010 [#1] PREEMPT SMP NOPTI\n CPU: 4 PID: 638 Comm: ip Kdump: loaded Not tainted 5.16.0-rc1+ #446\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/01/2014\n RIP: 0010:0x0\n Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\n RSP: 0018:ffff888109f5b8f0 EFLAGS: 00010286^Ac\n RAX: 0000000000000000 RBX: ffff888109f5ba28 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881008a2860\n RBP: ffff888109f5b9d8 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff888109f5b978 R11: ffff888109f5b948 R12: 00000000ffffff9f\n R13: ffff8881008a2a80 R14: ffff8881008a2860 R15: ffff8881008a2840\n FS:  00007f98de70f100(0000) GS:ffff88822bf00000(0000) knlGS:0000000000000000\n CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffffffffffffd6 CR3: 0000000100efc000 CR4: 00000000000006e0\n Call Trace:\n  \u003cTASK\u003e\n  nh_create_ipv6+0xed/0x10c\n  rtm_new_nexthop+0x6d7/0x13f3\n  ? check_preemption_disabled+0x3d/0xf2\n  ? lock_is_held_type+0xbe/0xfd\n  rtnetlink_rcv_msg+0x23f/0x26a\n  ? check_preemption_disabled+0x3d/0xf2\n  ? rtnl_calcit.isra.0+0x147/0x147\n  netlink_rcv_skb+0x61/0xb2\n  netlink_unicast+0x100/0x187\n  netlink_sendmsg+0x37f/0x3a0\n  ? netlink_unicast+0x187/0x187\n  sock_sendmsg_nosec+0x67/0x9b\n  ____sys_sendmsg+0x19d/0x1f9\n  ? copy_msghdr_from_user+0x4c/0x5e\n  ? rcu_read_lock_any_held+0x2a/0x78\n  ___sys_sendmsg+0x6c/0x8c\n  ? asm_sysvec_apic_timer_interrupt+0x12/0x20\n  ? lockdep_hardirqs_on+0xd9/0x102\n  ? sockfd_lookup_light+0x69/0x99\n  __sys_sendmsg+0x50/0x6e\n  do_syscall_64+0xcb/0xf2\n  entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7f98dea28914\n Code: 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b5 0f 1f 80 00 00 00 00 48 8d 05 e9 5d 0c 00 8b 00 85 c0 75 13 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 41 54 41 89 d4 55 48 89 f5 53\n RSP: 002b:00007fff859f5e68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e2e\n RAX: ffffffffffffffda RBX: 00000000619cb810 RCX: 00007f98dea28914\n RDX: 0000000000000000 RSI: 00007fff859f5ed0 RDI: 0000000000000003\n RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000008\n R10: fffffffffffffce6 R11: 0000000000000246 R12: 0000000000000001\n R13: 000055c0097ae520 R14: 000055c0097957fd R15: 00007fff859f63a0\n \u003c/TASK\u003e\n Modules linked in: bridge stp llc bonding virtio_net"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T07:45:04.771Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7b6f44856da5ba0b1aa61403eb9fddd272156503"
        },
        {
          "url": "https://git.kernel.org/stable/c/b70ff391deeec35cdd8a05f5f63f5fe28bc4f225"
        },
        {
          "url": "https://git.kernel.org/stable/c/39509d76a9a3d02f379d52cb4b1449469c56c0e0"
        },
        {
          "url": "https://git.kernel.org/stable/c/1c743127cc54b112b155f434756bd4b5fa565a99"
        }
      ],
      "title": "net: nexthop: fix null pointer dereference when IPv6 is not enabled",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47572",
    "datePublished": "2024-05-24T15:12:58.397Z",
    "dateReserved": "2024-05-24T15:11:00.729Z",
    "dateUpdated": "2024-12-19T07:45:04.771Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-47572\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-24T15:15:22.887\",\"lastModified\":\"2024-11-21T06:36:34.947\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: nexthop: fix null pointer dereference when IPv6 is not enabled\\n\\nWhen we try to add an IPv6 nexthop and IPv6 is not enabled\\n(!CONFIG_IPV6) we\u0027ll hit a NULL pointer dereference[1] in the error path\\nof nh_create_ipv6() due to calling ipv6_stub-\u003efib6_nh_release. The bug\\nhas been present since the beginning of IPv6 nexthop gateway support.\\nCommit 1aefd3de7bc6 (\\\"ipv6: Add fib6_nh_init and release to stubs\\\") tells\\nus that only fib6_nh_init has a dummy stub because fib6_nh_release should\\nnot be called if fib6_nh_init returns an error, but the commit below added\\na call to ipv6_stub-\u003efib6_nh_release in its error path. To fix it return\\nthe dummy stub\u0027s -EAFNOSUPPORT error directly without calling\\nipv6_stub-\u003efib6_nh_release in nh_create_ipv6()\u0027s error path.\\n\\n[1]\\n Output is a bit truncated, but it clearly shows the error.\\n BUG: kernel NULL pointer dereference, address: 000000000000000000\\n #PF: supervisor instruction fetch in kernel modede\\n #PF: error_code(0x0010) - not-present pagege\\n PGD 0 P4D 0\\n Oops: 0010 [#1] PREEMPT SMP NOPTI\\n CPU: 4 PID: 638 Comm: ip Kdump: loaded Not tainted 5.16.0-rc1+ #446\\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/01/2014\\n RIP: 0010:0x0\\n Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\\n RSP: 0018:ffff888109f5b8f0 EFLAGS: 00010286^Ac\\n RAX: 0000000000000000 RBX: ffff888109f5ba28 RCX: 0000000000000000\\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881008a2860\\n RBP: ffff888109f5b9d8 R08: 0000000000000000 R09: 0000000000000000\\n R10: ffff888109f5b978 R11: ffff888109f5b948 R12: 00000000ffffff9f\\n R13: ffff8881008a2a80 R14: ffff8881008a2860 R15: ffff8881008a2840\\n FS:  00007f98de70f100(0000) GS:ffff88822bf00000(0000) knlGS:0000000000000000\\n CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\n CR2: ffffffffffffffd6 CR3: 0000000100efc000 CR4: 00000000000006e0\\n Call Trace:\\n  \u003cTASK\u003e\\n  nh_create_ipv6+0xed/0x10c\\n  rtm_new_nexthop+0x6d7/0x13f3\\n  ? check_preemption_disabled+0x3d/0xf2\\n  ? lock_is_held_type+0xbe/0xfd\\n  rtnetlink_rcv_msg+0x23f/0x26a\\n  ? check_preemption_disabled+0x3d/0xf2\\n  ? rtnl_calcit.isra.0+0x147/0x147\\n  netlink_rcv_skb+0x61/0xb2\\n  netlink_unicast+0x100/0x187\\n  netlink_sendmsg+0x37f/0x3a0\\n  ? netlink_unicast+0x187/0x187\\n  sock_sendmsg_nosec+0x67/0x9b\\n  ____sys_sendmsg+0x19d/0x1f9\\n  ? copy_msghdr_from_user+0x4c/0x5e\\n  ? rcu_read_lock_any_held+0x2a/0x78\\n  ___sys_sendmsg+0x6c/0x8c\\n  ? asm_sysvec_apic_timer_interrupt+0x12/0x20\\n  ? lockdep_hardirqs_on+0xd9/0x102\\n  ? sockfd_lookup_light+0x69/0x99\\n  __sys_sendmsg+0x50/0x6e\\n  do_syscall_64+0xcb/0xf2\\n  entry_SYSCALL_64_after_hwframe+0x44/0xae\\n RIP: 0033:0x7f98dea28914\\n Code: 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b5 0f 1f 80 00 00 00 00 48 8d 05 e9 5d 0c 00 8b 00 85 c0 75 13 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 41 54 41 89 d4 55 48 89 f5 53\\n RSP: 002b:00007fff859f5e68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e2e\\n RAX: ffffffffffffffda RBX: 00000000619cb810 RCX: 00007f98dea28914\\n RDX: 0000000000000000 RSI: 00007fff859f5ed0 RDI: 0000000000000003\\n RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000008\\n R10: fffffffffffffce6 R11: 0000000000000246 R12: 0000000000000001\\n R13: 000055c0097ae520 R14: 000055c0097957fd R15: 00007fff859f63a0\\n \u003c/TASK\u003e\\n Modules linked in: bridge stp llc bonding virtio_net\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: nexthop: corrige la desreferencia del puntero nulo cuando IPv6 no est\u00e1 habilitado Cuando intentamos agregar un nexthop IPv6 y IPv6 no est\u00e1 habilitado (!CONFIG_IPV6) alcanzaremos una desreferencia del puntero NULL [1] en la ruta de error de nh_create_ipv6() debido a la llamada a ipv6_stub-\u0026gt;fib6_nh_release. El error ha estado presente desde el comienzo del soporte de la puerta de enlace IPv6 nexthop. El commit 1aefd3de7bc6 (\\\"ipv6: Agregar fib6_nh_init y liberar a los stubs\\\") nos dice que solo fib6_nh_init tiene un stub ficticio porque no se debe llamar a fib6_nh_release si fib6_nh_init devuelve un error, pero el commit a continuaci\u00f3n agreg\u00f3 una llamada a ipv6_stub-\u0026gt;fib6_nh_release en su error camino. Para solucionarlo, devuelva el error -EAFNOSUPPORT del c\u00f3digo auxiliar ficticio directamente sin llamar a ipv6_stub-\u0026gt;fib6_nh_release en la ruta de error de nh_create_ipv6(). [1] La salida est\u00e1 un poco truncada, pero muestra claramente el error. ERROR: desreferencia del puntero NULL del kernel, direcci\u00f3n: 0000000000000000000 #PF: b\u00fasqueda de instrucciones del supervisor en modo kernel #PF: c\u00f3digo_error(0x0010) - p\u00e1gina no presente PGD 0 P4D 0 Ups: 0010 [#1] PREEMPT SMP NOPTI CPU: 4 PID: 638 Comm: ip Kdump: cargado No contaminado 5.16.0-rc1+ #446 Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 01/04/2014 RIP: 0010:0x0 C\u00f3digo: No se puede acceder a los bytes del c\u00f3digo de operaci\u00f3n en RIP 0xffffffffffffffd6. RSP: 0018:ffff888109f5b8f0 EFLAGS: 00010286^Ac RAX: 0000000000000000 RBX: ffff888109f5ba28 RCX: 00000000000000000 RDX: 0000000000000000 RSI: 000000000000000 RDI: ffff8881008a2860 RBP: ffff888109f5b9d8 R08: 0000000000000000 R09: 00000000000000000 R10: ffff888109f5b978 R11: 9f5b948 R12: 00000000ffffff9f R13: ffff8881008a2a80 R14 : ffff8881008a2860 R15: ffff8881008a2840 FS: 00007f98de70f100(0000) GS:ffff88822bf00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 0000000100efc000 CR4: 00000000000006e0 Seguimiento de llamadas:  nh_create_ipv6+0xed /0x10c rtm_new_nexthop+0x6d7/0x13f3 ? check_preemption_disabled+0x3d/0xf2? lock_is_held_type+0xbe/0xfd rtnetlink_rcv_msg+0x23f/0x26a? check_preemption_disabled+0x3d/0xf2? rtnl_calcit.isra.0+0x147/0x147 netlink_rcv_skb+0x61/0xb2 netlink_unicast+0x100/0x187 netlink_sendmsg+0x37f/0x3a0 ? netlink_unicast+0x187/0x187 sock_sendmsg_nosec+0x67/0x9b ____sys_sendmsg+0x19d/0x1f9 ? copy_msghdr_from_user+0x4c/0x5e? rcu_read_lock_any_held+0x2a/0x78 ___sys_sendmsg+0x6c/0x8c? asm_sysvec_apic_timer_interrupt+0x12/0x20? lockdep_hardirqs_on+0xd9/0x102? sockfd_lookup_light+0x69/0x99 __sys_sendmsg+0x50/0x6e do_syscall_64+0xcb/0xf2 Entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f98dea28914 C\u00f3digo: 00 f7 d8 64 89 02 c7 c0 ff ff ff ff eb b5 0f 1f 80 00 00 00 00 48 8d 05 e9 5d 0c 00 8b 00 85 c0 75 13 b8 2e 00 00 00 0f 05 \u0026lt;48\u0026gt; 3d 00 f0 ff ff 77 54 c3 0f 1f 00 41 54 41 89 d4 55 48 89 f5 53 RSP: :00007fff859f5e68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e2e RAX: ffffffffffffffda RBX: 00000000619cb810 RCX: 00007f98dea28914 RDX: 0000000000000000 RSI: 00007fff859f5ed0 RDI: 0000000000000003 RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000008 R10: fffffffffffffce6 R11: 0000000000000246 R12: 0000000000001 R13: 000055c0097ae520 R14: 000055c0097957fd R15: 00007fff859f63a0 \u0026lt; /TASK\u0026gt; M\u00f3dulos vinculados en: bridge stp llc bonding virtio_net\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.3\",\"versionEndExcluding\":\"5.4.163\",\"matchCriteriaId\":\"755F3E83-05A5-403D-A6B2-ED9DE8B0F69B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.83\",\"matchCriteriaId\":\"D4843826-EA9A-472B-82EC-B9E4FD4149AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.6\",\"matchCriteriaId\":\"990C08FB-0121-4296-896F-556312F8FF3B\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1c743127cc54b112b155f434756bd4b5fa565a99\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/39509d76a9a3d02f379d52cb4b1449469c56c0e0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7b6f44856da5ba0b1aa61403eb9fddd272156503\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b70ff391deeec35cdd8a05f5f63f5fe28bc4f225\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/1c743127cc54b112b155f434756bd4b5fa565a99\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/39509d76a9a3d02f379d52cb4b1449469c56c0e0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7b6f44856da5ba0b1aa61403eb9fddd272156503\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b70ff391deeec35cdd8a05f5f63f5fe28bc4f225\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.