CVE-2021-47353

May 21, 2024, 4:54 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: udf: Fix NULL pointer dereference in udf_symlink function In function udf_symlink, epos.bh is assigned with the value returned by udf_tgetblk. The function udf_tgetblk is defined in udf/misc.c and returns the value of sb_getblk function that could be NULL. Then, epos.bh is used without any check, causing a possible NULL pointer dereference when sb_getblk fails. This fix adds a check to validate the value of epos.bh.

Product(s) Impacted

Product Versions
Linux kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/21bf1414580c36ffc8d8de043beb3508cf812238
https://git.kernel.org/stable/c/2f3d9ddd32a28803baa547e6274983b67d5e287c
https://git.kernel.org/stable/c/3638705ecd5ad2785e996f820121c0ad15ce64b5
https://git.kernel.org/stable/c/371566f63cbd0bb6fbb25b8fe9d5798268d35af9
https://git.kernel.org/stable/c/5150877e4d99f85057a458daac7cd7c01005d5c6
https://git.kernel.org/stable/c/80d505aee6398cf8beb72475c7edcf1733c1c68b
https://git.kernel.org/stable/c/aebed6b19e51a34003d998da5ebb1dfdd2cb1d02
https://git.kernel.org/stable/c/baea588a42d675e35daeaddd10fbc9700550bc4d
https://git.kernel.org/stable/c/fa236c2b2d4436d9f19ee4e5d5924e90ffd7bb43

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-05-21
CVE-2021-47353

Timeline

Published: May 21, 2024, 3:15 p.m.
Last Modified: May 21, 2024, 4:54 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.