[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-47557":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":46,"related":47,"reserved_at":9,"published_at":57,"modified_at":58,"state":59,"summary":60,"references_raw":69,"kevs":84,"epss":85,"epss_history":88,"metrics":340,"affected":346},"CVE-2021-47557","In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_ets: don't peek at classes beyond 'nbands'\n\nwhen the number of DRR classes decreases, the round-robin active list can\ncontain elements that have already been freed in ets_qdisc_change(). As a\nconsequence, it's possible to see a NULL dereference crash, caused by the\nattempt to call cl->qdisc->ops->peek(cl->qdisc) when cl->qdisc is NULL:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000018\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 910 Comm: mausezahn Not tainted 5.16.0-rc1+ #475\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n RIP: 0010:ets_qdisc_dequeue+0x129/0x2c0 [sch_ets]\n Code: c5 01 41 39 ad e4 02 00 00 0f 87 18 ff ff ff 49 8b 85 c0 02 00 00 49 39 c4 0f 84 ba 00 00 00 49 8b ad c0 02 00 00 48 8b 7d 10 \u003C48> 8b 47 18 48 8b 40 38 0f ae e8 ff d0 48 89 c3 48 85 c0 0f 84 9d\n RSP: 0000:ffffbb36c0b5fdd8 EFLAGS: 00010287\n RAX: ffff956678efed30 RBX: 0000000000000000 RCX: 0000000000000000\n RDX: 0000000000000002 RSI: ffffffff9b938dc9 RDI: 0000000000000000\n RBP: ffff956678efed30 R08: e2f3207fe360129c R09: 0000000000000000\n R10: 0000000000000001 R11: 0000000000000001 R12: ffff956678efeac0\n R13: ffff956678efe800 R14: ffff956611545000 R15: ffff95667ac8f100\n FS:  00007f2aa9120740(0000) GS:ffff95667b800000(0000) knlGS:0000000000000000\n CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000018 CR3: 000000011070c000 CR4: 0000000000350ee0\n Call Trace:\n  \u003CTASK>\n  qdisc_peek_dequeued+0x29/0x70 [sch_ets]\n  tbf_dequeue+0x22/0x260 [sch_tbf]\n  __qdisc_run+0x7f/0x630\n  net_tx_action+0x290/0x4c0\n  __do_softirq+0xee/0x4f8\n  irq_exit_rcu+0xf4/0x130\n  sysvec_apic_timer_interrupt+0x52/0xc0\n  asm_sysvec_apic_timer_interrupt+0x12/0x20\n RIP: 0033:0x7f2aa7fc9ad4\n Code: b9 ff ff 48 8b 54 24 18 48 83 c4 08 48 89 ee 48 89 df 5b 5d e9 ed fc ff ff 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa \u003C53> 48 83 ec 10 48 8b 05 10 64 33 00 48 8b 00 48 85 c0 0f 85 84 00\n RSP: 002b:00007ffe5d33fab8 EFLAGS: 00000202\n RAX: 0000000000000002 RBX: 0000561f72c31460 RCX: 0000561f72c31720\n RDX: 0000000000000002 RSI: 0000561f72c31722 RDI: 0000561f72c31720\n RBP: 000000000000002a R08: 00007ffe5d33fa40 R09: 0000000000000014\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000561f7187e380\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000561f72c31460\n  \u003C/TASK>\n Modules linked in: sch_ets sch_tbf dummy rfkill iTCO_wdt intel_rapl_msr iTCO_vendor_support intel_rapl_common joydev virtio_balloon lpc_ich i2c_i801 i2c_smbus pcspkr ip_tables xfs libcrc32c crct10dif_pclmul crc32_pclmul crc32c_intel ahci libahci ghash_clmulni_intel serio_raw libata virtio_blk virtio_console virtio_net net_failover failover sunrpc dm_mirror dm_region_hash dm_log dm_mod\n CR2: 0000000000000018\n\nEnsuring that 'alist' was never zeroed [1] was not sufficient, we need to\nremove from the active list those elements that are no more SP nor DRR.\n\n[1] https://lore.kernel.org/netdev/60d274838bf09777f0371253416e8af71360bc08.1633609148.git.dcaratti@redhat.com/\n\nv3: fix race between ets_qdisc_change() and ets_qdisc_dequeue() delisting\n    DRR classes beyond 'nbands' in ets_qdisc_change() with the qdisc lock\n    acquired, thanks to Cong Wang.\n\nv2: when a NULL qdisc is found in the DRR active list, try to dequeue skb\n    from the next list item.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-476","NULL Pointer Dereference","The product dereferences a pointer that it expects to be valid but is NULL.","weakness","Stable","Base","Medium",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44],{"_key":25},"SUSE-SU-2024:2185-1",{"_key":27},"UBUNTU-CVE-2021-47557",{"_key":29},"SUSE-SU-2024:2010-1",{"_key":31},"SUSE-SU-2025:02264-1",{"_key":33},"SUSE-SU-2025:02537-1",{"_key":35},"SUSE-SU-2024:2008-1",{"_key":37},"SUSE-SU-2024:2019-1",{"_key":39},"SUSE-SU-2024:2190-1",{"_key":41},"SUSE-SU-2025:02321-1",{"_key":43},"SUSE-SU-2025:02322-1",{"_key":45},"DEBIAN-CVE-2021-47557",[],[48,49,50,51,52,53,54,55,56],{"_key":25},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},"2024-05-24T15:09:58.655Z","2026-05-11T13:56:55.850Z","Analyzed",{"cisa_kev":61,"cisa_ransomware":61,"cisa_vendor":9,"epss_severity":62,"epss_score":63,"severity":64,"severity_score":65,"severity_version":66,"severity_source":67,"severity_vector":68,"severity_status":59},false,"low",0.00012,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[70,76,80],{"url":71,"sources":72,"tags":74},"https://git.kernel.org/stable/c/ae2659d2c670252759ee9c823c4e039c0e05a6f2",[73,67],"cve.org",[75],"Patch",{"url":77,"sources":78,"tags":79},"https://git.kernel.org/stable/c/e25bdbc7e951ae5728fee1f4c09485df113d013c",[73,67],[75],{"url":81,"sources":82,"tags":83},"https://git.kernel.org/stable/c/de6d25924c2a8c2988c6a385990cafbe742061bf",[73,67],[75],[],{"date":86,"score":63,"percentile":87},"2026-06-03",0.01842,[89,92,95,98,101,104,107,110,113,116,119,122,125,128,131,135,138,141,145,147,150,153,156,159,162,164,167,170,172,175,178,181,184,187,190,193,196,199,202,205,207,210,213,215,217,220,223,226,229,231,234,237,240,242,244,246,249,252,254,257,259,261,264,267,270,273,275,278,280,283,285,288,290,293,296,299,302,305,307,310,313,316,319,322,325,328,330,333,335,338],{"date":90,"score":63,"percentile":91},"2025-11-04",0.01218,{"date":93,"score":63,"percentile":94},"2025-11-05",0.01238,{"date":96,"score":63,"percentile":97},"2025-11-06",0.01251,{"date":99,"score":63,"percentile":100},"2025-11-07",0.01254,{"date":102,"score":63,"percentile":103},"2025-11-08",0.01256,{"date":105,"score":63,"percentile":106},"2025-11-09",0.01253,{"date":108,"score":63,"percentile":109},"2025-11-10",0.01244,{"date":111,"score":63,"percentile":112},"2025-11-11",0.01249,{"date":114,"score":63,"percentile":115},"2025-11-12",0.0125,{"date":117,"score":63,"percentile":118},"2025-11-13",0.01255,{"date":120,"score":63,"percentile":121},"2025-11-14",0.0127,{"date":123,"score":63,"percentile":124},"2025-11-15",0.01285,{"date":126,"score":63,"percentile":127},"2025-11-16",0.01284,{"date":129,"score":63,"percentile":130},"2025-11-17",0.01275,{"date":132,"score":133,"percentile":134},"2025-11-18",0.00073,0.18347,{"date":136,"score":133,"percentile":137},"2025-11-19",0.18365,{"date":139,"score":133,"percentile":140},"2025-11-20",0.18343,{"date":142,"score":143,"percentile":144},"2025-11-21",0.00013,0.01441,{"date":146,"score":143,"percentile":144},"2025-11-22",{"date":148,"score":143,"percentile":149},"2025-11-23",0.01426,{"date":151,"score":143,"percentile":152},"2025-11-24",0.01422,{"date":154,"score":143,"percentile":155},"2025-11-25",0.01407,{"date":157,"score":143,"percentile":158},"2025-11-26",0.01352,{"date":160,"score":143,"percentile":161},"2025-11-27",0.0135,{"date":163,"score":143,"percentile":161},"2025-11-28",{"date":165,"score":143,"percentile":166},"2025-11-29",0.01389,{"date":168,"score":143,"percentile":169},"2025-11-30",0.01397,{"date":171,"score":143,"percentile":152},"2025-12-01",{"date":173,"score":143,"percentile":174},"2025-12-02",0.01415,{"date":176,"score":63,"percentile":177},"2025-12-03",0.01317,{"date":179,"score":63,"percentile":180},"2025-12-04",0.01292,{"date":182,"score":63,"percentile":183},"2025-12-05",0.01308,{"date":185,"score":63,"percentile":186},"2025-12-06",0.01312,{"date":188,"score":63,"percentile":189},"2025-12-07",0.01311,{"date":191,"score":63,"percentile":192},"2025-12-08",0.0131,{"date":194,"score":63,"percentile":195},"2025-12-09",0.01323,{"date":197,"score":63,"percentile":198},"2025-12-10",0.01335,{"date":200,"score":63,"percentile":201},"2025-12-11",0.01325,{"date":203,"score":63,"percentile":204},"2025-12-12",0.01324,{"date":206,"score":63,"percentile":192},"2025-12-13",{"date":208,"score":63,"percentile":209},"2025-12-14",0.01309,{"date":211,"score":63,"percentile":212},"2025-12-15",0.01306,{"date":214,"score":63,"percentile":189},"2025-12-16",{"date":216,"score":63,"percentile":192},"2025-12-17",{"date":218,"score":63,"percentile":219},"2025-12-18",0.013,{"date":221,"score":63,"percentile":222},"2025-12-19",0.01305,{"date":224,"score":63,"percentile":225},"2025-12-20",0.01304,{"date":227,"score":63,"percentile":228},"2025-12-21",0.01315,{"date":230,"score":63,"percentile":177},"2025-12-22",{"date":232,"score":63,"percentile":233},"2025-12-23",0.01316,{"date":235,"score":63,"percentile":236},"2025-12-24",0.01318,{"date":238,"score":63,"percentile":239},"2025-12-25",0.0132,{"date":241,"score":63,"percentile":195},"2025-12-26",{"date":243,"score":63,"percentile":177},"2025-12-27",{"date":245,"score":63,"percentile":177},"2025-12-28",{"date":247,"score":63,"percentile":248},"2025-12-29",0.01307,{"date":250,"score":63,"percentile":251},"2025-12-30",0.01303,{"date":253,"score":63,"percentile":219},"2025-12-31",{"date":255,"score":63,"percentile":256},"2026-01-01",0.01319,{"date":258,"score":63,"percentile":228},"2026-01-02",{"date":260,"score":63,"percentile":236},"2026-01-03",{"date":262,"score":63,"percentile":263},"2026-01-04",0.0129,{"date":265,"score":63,"percentile":266},"2026-01-05",0.01297,{"date":268,"score":63,"percentile":269},"2026-01-06",0.01291,{"date":271,"score":63,"percentile":272},"2026-01-07",0.01296,{"date":274,"score":63,"percentile":209},"2026-01-08",{"date":276,"score":63,"percentile":277},"2026-01-09",0.01326,{"date":279,"score":63,"percentile":198},"2026-01-10",{"date":281,"score":63,"percentile":282},"2026-01-11",0.01332,{"date":284,"score":63,"percentile":198},"2026-01-12",{"date":286,"score":63,"percentile":287},"2026-01-13",0.01333,{"date":289,"score":63,"percentile":198},"2026-01-14",{"date":291,"score":63,"percentile":292},"2026-01-15",0.01347,{"date":294,"score":63,"percentile":295},"2026-01-16",0.01354,{"date":297,"score":63,"percentile":298},"2026-01-17",0.01357,{"date":300,"score":63,"percentile":301},"2026-01-18",0.0137,{"date":303,"score":63,"percentile":304},"2026-01-19",0.01361,{"date":306,"score":63,"percentile":292},"2026-01-20",{"date":308,"score":63,"percentile":309},"2026-01-21",0.01343,{"date":311,"score":63,"percentile":312},"2026-01-22",0.01344,{"date":314,"score":63,"percentile":315},"2026-01-23",0.01359,{"date":317,"score":63,"percentile":318},"2026-01-24",0.01364,{"date":320,"score":63,"percentile":321},"2026-01-25",0.01362,{"date":323,"score":63,"percentile":324},"2026-01-26",0.0136,{"date":326,"score":63,"percentile":327},"2026-01-27",0.01348,{"date":329,"score":63,"percentile":327},"2026-01-28",{"date":331,"score":63,"percentile":332},"2026-01-29",0.01358,{"date":334,"score":63,"percentile":304},"2026-01-30",{"date":336,"score":63,"percentile":337},"2026-01-31",0.01376,{"date":339,"score":63,"percentile":169},"2026-02-01",[341],{"source":67,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":342,"cvss_v4_0":9},{"baseScore":65,"baseSeverity":343,"vectorString":68,"impactScore":344,"exploitabilityScore":345},"MEDIUM",6,4.6,[347,367],{"ecosystem":9,"name":348,"vendor":349,"product":349,"cpe_part":350,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":351},"Linux","linux","a",[352,359,362,365],{"version":353,"is_range":354,"range_type":73,"version_start":355,"version_start_type":356,"version_end":357,"version_end_type":358,"fixed_in":9},">= dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33, \u003C ae2659d2c670252759ee9c823c4e039c0e05a6f2",true,"dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33","including","ae2659d2c670252759ee9c823c4e039c0e05a6f2","excluding",{"version":360,"is_range":354,"range_type":73,"version_start":355,"version_start_type":356,"version_end":361,"version_end_type":358,"fixed_in":9},">= dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33, \u003C e25bdbc7e951ae5728fee1f4c09485df113d013c","e25bdbc7e951ae5728fee1f4c09485df113d013c",{"version":363,"is_range":354,"range_type":73,"version_start":355,"version_start_type":356,"version_end":364,"version_end_type":358,"fixed_in":9},">= dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33, \u003C de6d25924c2a8c2988c6a385990cafbe742061bf","de6d25924c2a8c2988c6a385990cafbe742061bf",{"version":366,"is_range":61,"range_type":73,"version_start":366,"version_start_type":356,"version_end":366,"version_end_type":356,"fixed_in":9},"5.6",{"ecosystem":9,"name":368,"vendor":349,"product":369,"cpe_part":370,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":371},"linux kernel","linux_kernel","o",[372,376,380,382],{"version":373,"is_range":354,"range_type":374,"version_start":366,"version_start_type":356,"version_end":375,"version_end_type":358,"fixed_in":9},"gte5.6_lt5.10.83","cpe","5.10.83",{"version":377,"is_range":354,"range_type":374,"version_start":378,"version_start_type":356,"version_end":379,"version_end_type":358,"fixed_in":9},"gte5.11_lt5.15.6","5.11","5.15.6",{"version":381,"is_range":61,"range_type":374,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.16:rc1",{"version":383,"is_range":61,"range_type":374,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.16:rc2"]