2024-05-21 16:03:24 +00:00
{
"id" : "CVE-2021-47353" ,
"sourceIdentifier" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"published" : "2024-05-21T15:15:21.693" ,
2024-12-24 17:03:42 +00:00
"lastModified" : "2024-12-24T16:11:59.943" ,
"vulnStatus" : "Analyzed" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2024-05-21 16:03:24 +00:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Fix NULL pointer dereference in udf_symlink function\n\nIn function udf_symlink, epos.bh is assigned with the value returned\nby udf_tgetblk. The function udf_tgetblk is defined in udf/misc.c\nand returns the value of sb_getblk function that could be NULL.\nThen, epos.bh is used without any check, causing a possible\nNULL pointer dereference when sb_getblk fails.\n\nThis fix adds a check to validate the value of epos.bh."
2024-05-26 02:03:22 +00:00
} ,
{
"lang" : "es" ,
"value" : "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: udf: Se corrigi\u00f3 la desreferencia del puntero NULL en la funci\u00f3n udf_symlink. En la funci\u00f3n udf_symlink, a epos.bh se le asigna el valor devuelto por udf_tgetblk. La funci\u00f3n udf_tgetblk est\u00e1 definida en udf/misc.c y devuelve el valor de la funci\u00f3n sb_getblk que podr\u00eda ser NULL. Luego, epos.bh se usa sin ninguna verificaci\u00f3n, lo que provoca una posible desreferencia del puntero NULL cuando falla sb_getblk. Esta soluci\u00f3n agrega una verificaci\u00f3n para validar el valor de epos.bh."
2024-05-21 16:03:24 +00:00
}
] ,
2024-12-24 17:03:42 +00:00
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" ,
"baseScore" : 5.5 ,
"baseSeverity" : "MEDIUM" ,
"attackVector" : "LOCAL" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
"availabilityImpact" : "HIGH"
} ,
"exploitabilityScore" : 1.8 ,
"impactScore" : 3.6
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-476"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "4.4.276" ,
"matchCriteriaId" : "10282F37-B17F-4974-967E-FCD5ABC9AB8E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.5" ,
"versionEndExcluding" : "4.9.276" ,
"matchCriteriaId" : "C79FFC06-9530-4CD7-B651-01D786CC925E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.10" ,
"versionEndExcluding" : "4.14.240" ,
"matchCriteriaId" : "FB359B2E-773D-4D52-9915-E07A47ABE72B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.15" ,
"versionEndExcluding" : "4.19.198" ,
"matchCriteriaId" : "B93AEDB9-C52B-4222-8F9A-882DAD9EF5B2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.20" ,
"versionEndExcluding" : "5.4.133" ,
"matchCriteriaId" : "65A8F1FF-5639-455A-8BF4-9FF529240505"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "5.5" ,
"versionEndExcluding" : "5.10.51" ,
"matchCriteriaId" : "93289127-DFB3-4515-89DD-50521FF8B7FF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "5.11" ,
"versionEndExcluding" : "5.12.18" ,
"matchCriteriaId" : "79D13C82-E06F-4A70-A3D1-C09494FBC94D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "5.13" ,
"versionEndExcluding" : "5.13.3" ,
"matchCriteriaId" : "853187F6-707A-487B-95C0-621B5211B43C"
}
]
}
]
}
] ,
2024-05-21 16:03:24 +00:00
"references" : [
{
"url" : "https://git.kernel.org/stable/c/21bf1414580c36ffc8d8de043beb3508cf812238" ,
2024-12-24 17:03:42 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-05-21 16:03:24 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/2f3d9ddd32a28803baa547e6274983b67d5e287c" ,
2024-12-24 17:03:42 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-05-21 16:03:24 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/3638705ecd5ad2785e996f820121c0ad15ce64b5" ,
2024-12-24 17:03:42 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-05-21 16:03:24 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/371566f63cbd0bb6fbb25b8fe9d5798268d35af9" ,
2024-12-24 17:03:42 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-05-21 16:03:24 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/5150877e4d99f85057a458daac7cd7c01005d5c6" ,
2024-12-24 17:03:42 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-05-21 16:03:24 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/80d505aee6398cf8beb72475c7edcf1733c1c68b" ,
2024-12-24 17:03:42 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-05-21 16:03:24 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/aebed6b19e51a34003d998da5ebb1dfdd2cb1d02" ,
2024-12-24 17:03:42 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-05-21 16:03:24 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/baea588a42d675e35daeaddd10fbc9700550bc4d" ,
2024-12-24 17:03:42 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-05-21 16:03:24 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/fa236c2b2d4436d9f19ee4e5d5924e90ffd7bb43" ,
2024-12-24 17:03:42 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/21bf1414580c36ffc8d8de043beb3508cf812238" ,
2024-12-24 17:03:42 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/2f3d9ddd32a28803baa547e6274983b67d5e287c" ,
2024-12-24 17:03:42 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/3638705ecd5ad2785e996f820121c0ad15ce64b5" ,
2024-12-24 17:03:42 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/371566f63cbd0bb6fbb25b8fe9d5798268d35af9" ,
2024-12-24 17:03:42 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/5150877e4d99f85057a458daac7cd7c01005d5c6" ,
2024-12-24 17:03:42 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/80d505aee6398cf8beb72475c7edcf1733c1c68b" ,
2024-12-24 17:03:42 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/aebed6b19e51a34003d998da5ebb1dfdd2cb1d02" ,
2024-12-24 17:03:42 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/baea588a42d675e35daeaddd10fbc9700550bc4d" ,
2024-12-24 17:03:42 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/fa236c2b2d4436d9f19ee4e5d5924e90ffd7bb43" ,
2024-12-24 17:03:42 +00:00
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch"
]
2024-05-21 16:03:24 +00:00
}
]
}
