|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2021-47002: kernel: SUNRPC: null pointer dereference in svc_rqst_free() | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | SMASH SMASH <smash_bz> |
| Component: | Incidents | Assignee: | Kernel Bugs <kernel-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P3 - Medium | CC: | thomas.leroy |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/395451/ | ||
| Whiteboard: | |||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
Affected branches (SLE15-SP6, cve/linux-5.14, stable) already fixed, closing closing |
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix null pointer dereference in svc_rqst_free() When alloc_pages_node() returns null in svc_rqst_alloc(), the null rq_scratch_page pointer will be dereferenced when calling put_page() in svc_rqst_free(). Fix it by adding a null check. Addresses-Coverity: ("Dereference after null check") References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-47002 https://git.kernel.org/stable/c/b9f83ffaa0c096b4c832a43964fe6bff3acffe10 https://git.kernel.org/stable/c/c664aaec9aee544538a78ba4893a44bc73a6d742 https://www.cve.org/CVERecord?id=CVE-2021-47002 https://git.kernel.org/stable/c/1e10f58f1c9a6b667b045513c7a4e6111c24fe7c