CVE-2021-47559

Advisory lineage Upstream: 0 Downstream: 12
Modified
Published: 24 May 2024, 15:12
Last modified:11 May 2026, 13:56

Vulnerability Summary

Overall Risk (default)
low
22/100
CVSS Score
5.5 MEDIUM
v3.1 (nvd)
EPSS Score
0.03% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

24 May 2024, 15:12
Published
Vulnerability first disclosed
11 May 2026, 13:56
Last Modified
Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() Coverity reports a possible NULL dereferencing problem: in smc_vlan_by_tcpsk(): 6. returned_null: netdev_lower_get_next returns NULL (checked 29 out of 30 times). 7. var_assigned: Assigning: ndev = NULL return value from netdev_lower_get_next. 1623 ndev = (struct net_device *)netdev_lower_get_next(ndev, &lower); CID 1468509 (#1 of 1): Dereference null return value (NULL_RETURNS) 8. dereference: Dereferencing a pointer that might be NULL ndev when calling is_vlan_dev. 1624 if (is_vlan_dev(ndev)) { Remove the manual implementation and use netdev_walk_all_lower_dev() to iterate over the lower devices. While on it remove an obsolete function parameter comment.

CVSS Metrics

  • v3.1MEDIUMScore: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.03% Percentile: 10%

Techniques & Countermeasures

  • CWE-476NULL Pointer Dereference

    The product dereferences a pointer that it expects to be valid but is NULL.

Affected Systems

  • linuxlinux

    ≥ cb9d43f6775457cac75544bc4197f26ac2b6f294, < c94cbd262b6aa3b54d73a1ed1f9c0d19df57f4ff | ≥ cb9d43f6775457cac75544bc4197f26ac2b6f294, < bb851d0fb02547d03cd40106b5f2391c4fed6ed1 | ≥ cb9d43f6775457cac75544bc4197f26ac2b6f294, < 587acad41f1bc48e16f42bb2aca63bf323380be8 | 4.18

  • linuxlinux_kernel

    ≥ 4.18, < 5.10.83 | ≥ 5.11, < 5.15.6

References (3)