CVE-2021-47186

Published: Apr 10, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: tipc: check for null after calling kmemdup kmemdup can return a null pointer so need to check for it, otherwise the null key will be dereferenced later in tipc_crypto_key_xmit as can be seen in the trace [1]. [1] https://syzkaller.appspot.com/bug?id=bca180abb29567b189efdbdb34cbf7ba851c2a58

Vendor	Product	Versions
Linux	Linux	affected `1ef6f7c9390ff5308c940ff8d0a53533a4673ad9 - < a7d91625863d4ffed63b993b5e6dc1298b6430c9` affected `1ef6f7c9390ff5308c940ff8d0a53533a4673ad9 - < 9404c4145542c23019a80ab1bb2ecf73cd057b10` affected `1ef6f7c9390ff5308c940ff8d0a53533a4673ad9 - < 3e6db079751afd527bf3db32314ae938dc571916`
Linux	Linux	affected `5.10` unaffected `0 - < 5.10` unaffected `5.10.82 - <= 5.10.` unaffected `5.15.5 - <= 5.15.` unaffected `5.16 - <= *`

References

https://git.kernel.org/stable/c/a7d91625863d4ffed63b993b5e6dc1298b6430c9

https://git.kernel.org/stable/c/9404c4145542c23019a80ab1bb2ecf73cd057b10

https://git.kernel.org/stable/c/3e6db079751afd527bf3db32314ae938dc571916

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-47186

Description

Affected Products

References