CVE-2021-47186 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: tipc: check for null after calling kmemdup kmemdup can return a null pointer so need to check for it, otherwise the null key will be dereferenced later in tipc_crypto_key_xmit as can be seen in the trace [1]. [1] https://syzkaller.appspot.com/bug?id=bca180abb29567b189efdbdb34cbf7ba851c2a58

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Linux	Linux Kernel

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916
https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10
https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9
https://lore.kernel.org/linux-cve-announce/2024041033-CVE-2021-47186-7287@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2021-47186
https://www.cve.org/CVERecord?id=CVE-2021-47186

History

Fri, 21 Feb 2025 17:30:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Mon, 04 Nov 2024 12:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel:-:::::::*
Vendors & Products		Linux Linux linux Kernel
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-04-10T18:56:26.297Z

Updated: 2025-02-21T17:04:55.843Z

Reserved: 2024-03-25T09:12:14.113Z

Link: CVE-2021-47186

Vulnrichment

Updated: 2024-08-04T05:32:07.381Z

NVD

Status : Awaiting Analysis

Published: 2024-04-10T19:15:47.430

Modified: 2025-02-21T17:15:10.273

Link: CVE-2021-47186

Redhat

Severity : Low

Publid Date: 2024-04-10T00:00:00Z

Links: CVE-2021-47186 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47186", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-25T09:12:14.113Z", "datePublished": "2024-04-10T18:56:26.297Z", "dateUpdated": "2025-02-21T17:04:55.843Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T07:37:02.090Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: check for null after calling kmemdup\n\nkmemdup can return a null pointer so need to check for it, otherwise\nthe null key will be dereferenced later in tipc_crypto_key_xmit as\ncan be seen in the trace [1].\n\n\n[1] https://syzkaller.appspot.com/bug?id=bca180abb29567b189efdbdb34cbf7ba851c2a58"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/tipc/crypto.c"], "versions": [{"version": "fc1b6d6de2208774efd2a20bf0daddb02d18b1e0", "lessThan": "a7d91625863d4ffed63b993b5e6dc1298b6430c9", "status": "affected", "versionType": "git"}, {"version": "fc1b6d6de2208774efd2a20bf0daddb02d18b1e0", "lessThan": "9404c4145542c23019a80ab1bb2ecf73cd057b10", "status": "affected", "versionType": "git"}, {"version": "fc1b6d6de2208774efd2a20bf0daddb02d18b1e0", "lessThan": "3e6db079751afd527bf3db32314ae938dc571916", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/tipc/crypto.c"], "versions": [{"version": "5.5", "status": "affected"}, {"version": "0", "lessThan": "5.5", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.82", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.5", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.16", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9"}, {"url": "https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10"}, {"url": "https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916"}], "title": "tipc: check for null after calling kmemdup", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"affected": [{"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1da177e4c3f4", "status": "affected", "lessThan": "a7d91625863d", "versionType": "custom"}, {"version": "1da177e4c3f4", "status": "affected", "lessThan": "9404c4145542", "versionType": "custom"}, {"version": "1da177e4c3f4", "status": "affected", "lessThan": "3e6db079751a", "versionType": "custom"}, {"version": "5.10.82", "status": "unaffected", "lessThanOrEqual": "5.11", "versionType": "custom"}, {"version": "5.15.5", "status": "unaffected", "lessThanOrEqual": "5.16", "versionType": "custom"}, {"version": "5.16", "status": "unaffected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-04-15T14:53:12.521984Z", "id": "CVE-2021-47186", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-21T17:04:55.843Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:07.381Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:07.381Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47186", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-15T14:53:12.521984Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "a7d91625863d", "versionType": "custom"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "9404c4145542", "versionType": "custom"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "3e6db079751a", "versionType": "custom"}, {"status": "unaffected", "version": "5.10.82", "versionType": "custom", "lessThanOrEqual": "5.11"}, {"status": "unaffected", "version": "5.15.5", "versionType": "custom", "lessThanOrEqual": "5.16"}, {"status": "unaffected", "version": "5.16"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-03T17:54:34.222Z"}}], "cna": {"title": "tipc: check for null after calling kmemdup", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "fc1b6d6de2208774efd2a20bf0daddb02d18b1e0", "lessThan": "a7d91625863d4ffed63b993b5e6dc1298b6430c9", "versionType": "git"}, {"status": "affected", "version": "fc1b6d6de2208774efd2a20bf0daddb02d18b1e0", "lessThan": "9404c4145542c23019a80ab1bb2ecf73cd057b10", "versionType": "git"}, {"status": "affected", "version": "fc1b6d6de2208774efd2a20bf0daddb02d18b1e0", "lessThan": "3e6db079751afd527bf3db32314ae938dc571916", "versionType": "git"}], "programFiles": ["net/tipc/crypto.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.5"}, {"status": "unaffected", "version": "0", "lessThan": "5.5", "versionType": "semver"}, {"status": "unaffected", "version": "5.10.82", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.5", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/tipc/crypto.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9"}, {"url": "https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10"}, {"url": "https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: check for null after calling kmemdup\n\nkmemdup can return a null pointer so need to check for it, otherwise\nthe null key will be dereferenced later in tipc_crypto_key_xmit as\ncan be seen in the trace [1].\n\n\n[1] https://syzkaller.appspot.com/bug?id=bca180abb29567b189efdbdb34cbf7ba851c2a58"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T07:37:02.090Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47186", "state": "PUBLISHED", "dateUpdated": "2025-02-21T17:04:55.843Z", "dateReserved": "2024-03-25T09:12:14.113Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-10T18:56:26.297Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}