CVE-2021-47482 - Vulnerability Details

Vendors	Products
Linux	Kernel Linux Kernel

Link	Providers
https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20
https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73
https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e
https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68
https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347
https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8
https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00
https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51
https://lore.kernel.org/linux-cve-announce/2024052238-CVE-2021-47482-5612@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2021-47482
https://www.cve.org/CVERecord?id=CVE-2021-47482

Type	Values Removed	Values Added
First Time appeared		Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:5.15:rc1:::::: cpe:2.3:o:linux:linux_kernel:5.15:rc2:::::: cpe:2.3:o:linux:linux_kernel:5.15:rc3:::::: cpe:2.3:o:linux:linux_kernel:5.15:rc4:::::: cpe:2.3:o:linux:linux_kernel:5.15:rc5:::::: cpe:2.3:o:linux:linux_kernel:5.15:rc6:::::: cpe:2.3:o:linux:linux_kernel:5.15:rc7::::::
Vendors & Products		Linux linux Kernel

Type	Values Removed	Values Added
First Time appeared		Linux Linux kernel
CPEs		cpe:2.3:a:linux:kernel::::::::
Vendors & Products		Linux Linux kernel
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47482", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-22T06:20:56.200Z", "datePublished": "2024-05-22T08:19:34.174Z", "dateUpdated": "2025-05-04T07:12:02.779Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:12:02.779Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: batman-adv: fix error handling\n\nSyzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was\nin wrong error handling in batadv_mesh_init().\n\nBefore this patch batadv_mesh_init() was calling batadv_mesh_free() in case\nof any batadv_*_init() calls failure. This approach may work well, when\nthere is some kind of indicator, which can tell which parts of batadv are\ninitialized; but there isn't any.\n\nAll written above lead to cleaning up uninitialized fields. Even if we hide\nODEBUG warning by initializing bat_priv->nc.work, syzbot was able to hit\nGPF in batadv_nc_purge_paths(), because hash pointer in still NULL. [1]\n\nTo fix these bugs we can unwind batadv_*_init() calls one by one.\nIt is good approach for 2 reasons: 1) It fixes bugs on error handling\npath 2) It improves the performance, since we won't call unneeded\nbatadv_*_free() functions.\n\nSo, this patch makes all batadv_*_init() clean up all allocated memory\nbefore returning with an error to no call correspoing batadv_*_free()\nand open-codes batadv_mesh_free() with proper order to avoid touching\nuninitialized fields."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/batman-adv/bridge_loop_avoidance.c", "net/batman-adv/main.c", "net/batman-adv/network-coding.c", "net/batman-adv/translation-table.c"], "versions": [{"version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "0c6b199f09be489c48622537a550787fc80aea73", "status": "affected", "versionType": "git"}, {"version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20", "status": "affected", "versionType": "git"}, {"version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "e50f957652190b5a88a8ebce7e5ab14ebd0d3f00", "status": "affected", "versionType": "git"}, {"version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "fbf150b16a3635634b7dfb7f229d8fcd643c6c51", "status": "affected", "versionType": "git"}, {"version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "6422e8471890273994fe8cc6d452b0dcd2c9483e", "status": "affected", "versionType": "git"}, {"version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "b0a2cd38553c77928ef1646ed1518486b1e70ae8", "status": "affected", "versionType": "git"}, {"version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "a8f7359259dd5923adc6129284fdad12fc5db347", "status": "affected", "versionType": "git"}, {"version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "6f68cd634856f8ca93bafd623ba5357e0f648c68", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/batman-adv/bridge_loop_avoidance.c", "net/batman-adv/main.c", "net/batman-adv/network-coding.c", "net/batman-adv/translation-table.c"], "versions": [{"version": "2.6.38", "status": "affected"}, {"version": "0", "lessThan": "2.6.38", "status": "unaffected", "versionType": "semver"}, {"version": "4.4.293", "lessThanOrEqual": "4.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.9.289", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.254", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.215", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.157", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.77", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.14.16", "lessThanOrEqual": "5.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.38", "versionEndExcluding": "4.4.293"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.38", "versionEndExcluding": "4.9.289"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.38", "versionEndExcluding": "4.14.254"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.38", "versionEndExcluding": "4.19.215"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.38", "versionEndExcluding": "5.4.157"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.38", "versionEndExcluding": "5.10.77"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.38", "versionEndExcluding": "5.14.16"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.38", "versionEndExcluding": "5.15"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73"}, {"url": "https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20"}, {"url": "https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00"}, {"url": "https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51"}, {"url": "https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e"}, {"url": "https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8"}, {"url": "https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347"}, {"url": "https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68"}], "title": "net: batman-adv: fix error handling", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-47482", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-22T14:23:49.834451Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:linux:kernel:*:*:*:*:*:*:*:*"], "vendor": "linux", "product": "kernel", "versions": [{"status": "affected", "version": "c6c8fea29769", "lessThan": "6f68cd634856", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-544", "description": "CWE-544 Missing Standardized Error Handling Mechanism"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:15:18.900Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.554Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68", "tags": ["x_transferred"]}]}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2021-47482 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-05-22T06:20:56.200Z (string)

datePublished : 2024-05-22T08:19:34.174Z (string)

dateUpdated : 2025-05-04T07:12:02.779Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T07:12:02.779Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: batman-adv: fix error handling Syzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was in wrong error handling in batadv_mesh_init(). Before this patch batadv_mesh_init() was calling batadv_mesh_free() in case of any batadv_*_init() calls failure. This approach may work well, when there is some kind of indicator, which can tell which parts of batadv are initialized; but there isn't any. All written above lead to cleaning up uninitialized fields. Even if we hide ODEBUG warning by initializing bat_priv->nc.work, syzbot was able to hit GPF in batadv_nc_purge_paths(), because hash pointer in still NULL. [1] To fix these bugs we can unwind batadv_*_init() calls one by one. It is good approach for 2 reasons: 1) It fixes bugs on error handling path 2) It improves the performance, since we won't call unneeded batadv_*_free() functions. So, this patch makes all batadv_*_init() clean up all allocated memory before returning with an error to no call correspoing batadv_*_free() and open-codes batadv_mesh_free() with proper order to avoid touching uninitialized fields. (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : net/batman-adv/bridge_loop_avoidance.c (string)

1 : net/batman-adv/main.c (string)

2 : net/batman-adv/network-coding.c (string)

3 : net/batman-adv/translation-table.c (string)

]

versions : [ »

0 : { »

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : 0c6b199f09be489c48622537a550787fc80aea73 (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : 07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20 (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : e50f957652190b5a88a8ebce7e5ab14ebd0d3f00 (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : fbf150b16a3635634b7dfb7f229d8fcd643c6c51 (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : 6422e8471890273994fe8cc6d452b0dcd2c9483e (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : b0a2cd38553c77928ef1646ed1518486b1e70ae8 (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : a8f7359259dd5923adc6129284fdad12fc5db347 (string)

status : affected (string)

versionType : git (string)

}

7 : { »

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : 6f68cd634856f8ca93bafd623ba5357e0f648c68 (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : net/batman-adv/bridge_loop_avoidance.c (string)

1 : net/batman-adv/main.c (string)

2 : net/batman-adv/network-coding.c (string)

3 : net/batman-adv/translation-table.c (string)

]

versions : [ »

0 : { »

version : 2.6.38 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 2.6.38 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 4.4.293 (string)

lessThanOrEqual : 4.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 4.9.289 (string)

lessThanOrEqual : 4.9.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 4.14.254 (string)

lessThanOrEqual : 4.14.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 4.19.215 (string)

lessThanOrEqual : 4.19.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 5.4.157 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 5.10.77 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

8 : { »

version : 5.14.16 (string)

lessThanOrEqual : 5.14.* (string)

status : unaffected (string)

versionType : semver (string)

}

9 : { »

version : 5.15 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.38 (string)

versionEndExcluding : 4.4.293 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.38 (string)

versionEndExcluding : 4.9.289 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.38 (string)

versionEndExcluding : 4.14.254 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.38 (string)

versionEndExcluding : 4.19.215 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.38 (string)

versionEndExcluding : 5.4.157 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.38 (string)

versionEndExcluding : 5.10.77 (string)

}

6 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.38 (string)

versionEndExcluding : 5.14.16 (string)

}

7 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.38 (string)

versionEndExcluding : 5.15 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e (string)

}

5 : { »

url : https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68 (string)

}

]

title : net: batman-adv: fix error handling (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 5.3 (number)

attackVector : NETWORK (string)

baseSeverity : MEDIUM (string)

vectorString : CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

integrityImpact : NONE (string)

userInteraction : NONE (string)

attackComplexity : HIGH (string)

availabilityImpact : HIGH (string)

privilegesRequired : LOW (string)

confidentialityImpact : NONE (string)

}

1 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2021-47482 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-05-22T14:23:49.834451Z (string)

}

]

affected : [ »

0 : { »

cpes : [ »

0 : cpe:2.3:a:linux:kernel:*:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : c6c8fea29769 (string)

lessThan : 6f68cd634856 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : CWE (string)

cweId : CWE-544 (string)

description : CWE-544 Missing Standardized Error Handling Mechanism (string)

}

]

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-04T17:15:18.900Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T05:39:59.554Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.554Z"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-47482", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-22T14:23:49.834451Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:linux:kernel:*:*:*:*:*:*:*:*"], "vendor": "linux", "product": "kernel", "versions": [{"status": "affected", "version": "c6c8fea29769", "lessThan": "6f68cd634856", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-544", "description": "CWE-544 Missing Standardized Error Handling Mechanism"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-22T14:23:34.682Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "net: batman-adv: fix error handling", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "0c6b199f09be489c48622537a550787fc80aea73", "versionType": "git"}, {"status": "affected", "version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20", "versionType": "git"}, {"status": "affected", "version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "e50f957652190b5a88a8ebce7e5ab14ebd0d3f00", "versionType": "git"}, {"status": "affected", "version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "fbf150b16a3635634b7dfb7f229d8fcd643c6c51", "versionType": "git"}, {"status": "affected", "version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "6422e8471890273994fe8cc6d452b0dcd2c9483e", "versionType": "git"}, {"status": "affected", "version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "b0a2cd38553c77928ef1646ed1518486b1e70ae8", "versionType": "git"}, {"status": "affected", "version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "a8f7359259dd5923adc6129284fdad12fc5db347", "versionType": "git"}, {"status": "affected", "version": "c6c8fea29769d998d94fcec9b9f14d4b52b349d3", "lessThan": "6f68cd634856f8ca93bafd623ba5357e0f648c68", "versionType": "git"}], "programFiles": ["net/batman-adv/bridge_loop_avoidance.c", "net/batman-adv/main.c", "net/batman-adv/network-coding.c", "net/batman-adv/translation-table.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2.6.38"}, {"status": "unaffected", "version": "0", "lessThan": "2.6.38", "versionType": "semver"}, {"status": "unaffected", "version": "4.4.293", "versionType": "semver", "lessThanOrEqual": "4.4.*"}, {"status": "unaffected", "version": "4.9.289", "versionType": "semver", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.254", "versionType": "semver", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.215", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.157", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.77", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.14.16", "versionType": "semver", "lessThanOrEqual": "5.14.*"}, {"status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/batman-adv/bridge_loop_avoidance.c", "net/batman-adv/main.c", "net/batman-adv/network-coding.c", "net/batman-adv/translation-table.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73"}, {"url": "https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20"}, {"url": "https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00"}, {"url": "https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51"}, {"url": "https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e"}, {"url": "https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8"}, {"url": "https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347"}, {"url": "https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: batman-adv: fix error handling\n\nSyzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was\nin wrong error handling in batadv_mesh_init().\n\nBefore this patch batadv_mesh_init() was calling batadv_mesh_free() in case\nof any batadv_*_init() calls failure. This approach may work well, when\nthere is some kind of indicator, which can tell which parts of batadv are\ninitialized; but there isn't any.\n\nAll written above lead to cleaning up uninitialized fields. Even if we hide\nODEBUG warning by initializing bat_priv->nc.work, syzbot was able to hit\nGPF in batadv_nc_purge_paths(), because hash pointer in still NULL. [1]\n\nTo fix these bugs we can unwind batadv_*_init() calls one by one.\nIt is good approach for 2 reasons: 1) It fixes bugs on error handling\npath 2) It improves the performance, since we won't call unneeded\nbatadv_*_free() functions.\n\nSo, this patch makes all batadv_*_init() clean up all allocated memory\nbefore returning with an error to no call correspoing batadv_*_free()\nand open-codes batadv_mesh_free() with proper order to avoid touching\nuninitialized fields."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.4.293", "versionStartIncluding": "2.6.38"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.9.289", "versionStartIncluding": "2.6.38"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.14.254", "versionStartIncluding": "2.6.38"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.215", "versionStartIncluding": "2.6.38"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.157", "versionStartIncluding": "2.6.38"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.77", "versionStartIncluding": "2.6.38"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.14.16", "versionStartIncluding": "2.6.38"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15", "versionStartIncluding": "2.6.38"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:12:02.779Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47482", "state": "PUBLISHED", "dateUpdated": "2025-05-04T07:12:02.779Z", "dateReserved": "2024-05-22T06:20:56.200Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-22T08:19:34.174Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T05:39:59.554Z (string)

}

1 : { »

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 5.3 (number)

attackVector : NETWORK (string)

baseSeverity : MEDIUM (string)

vectorString : CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

integrityImpact : NONE (string)

userInteraction : NONE (string)

attackComplexity : HIGH (string)

availabilityImpact : HIGH (string)

privilegesRequired : LOW (string)

confidentialityImpact : NONE (string)

}

1 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2021-47482 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-05-22T14:23:49.834451Z (string)

}

]

affected : [ »

0 : { »

cpes : [ »

0 : cpe:2.3:a:linux:kernel:*:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : c6c8fea29769 (string)

lessThan : 6f68cd634856 (string)

versionType : custom (string)

}

]

defaultStatus : unknown (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : CWE (string)

cweId : CWE-544 (string)

description : CWE-544 Missing Standardized Error Handling Mechanism (string)

}

]

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-05-22T14:23:34.682Z (string)

}

title : CISA ADP Vulnrichment (string)

}

]

cna : { »

title : net: batman-adv: fix error handling (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : 0c6b199f09be489c48622537a550787fc80aea73 (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : 07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20 (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : e50f957652190b5a88a8ebce7e5ab14ebd0d3f00 (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : fbf150b16a3635634b7dfb7f229d8fcd643c6c51 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : 6422e8471890273994fe8cc6d452b0dcd2c9483e (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : b0a2cd38553c77928ef1646ed1518486b1e70ae8 (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : a8f7359259dd5923adc6129284fdad12fc5db347 (string)

versionType : git (string)

}

7 : { »

status : affected (string)

version : c6c8fea29769d998d94fcec9b9f14d4b52b349d3 (string)

lessThan : 6f68cd634856f8ca93bafd623ba5357e0f648c68 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : net/batman-adv/bridge_loop_avoidance.c (string)

1 : net/batman-adv/main.c (string)

2 : net/batman-adv/network-coding.c (string)

3 : net/batman-adv/translation-table.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 2.6.38 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 2.6.38 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 4.4.293 (string)

versionType : semver (string)

lessThanOrEqual : 4.4.* (string)

}

3 : { »

status : unaffected (string)

version : 4.9.289 (string)

versionType : semver (string)

lessThanOrEqual : 4.9.* (string)

}

4 : { »

status : unaffected (string)

version : 4.14.254 (string)

versionType : semver (string)

lessThanOrEqual : 4.14.* (string)

}

5 : { »

status : unaffected (string)

version : 4.19.215 (string)

versionType : semver (string)

lessThanOrEqual : 4.19.* (string)

}

6 : { »

status : unaffected (string)

version : 5.4.157 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

7 : { »

status : unaffected (string)

version : 5.10.77 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

8 : { »

status : unaffected (string)

version : 5.14.16 (string)

versionType : semver (string)

lessThanOrEqual : 5.14.* (string)

}

9 : { »

status : unaffected (string)

version : 5.15 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : net/batman-adv/bridge_loop_avoidance.c (string)

1 : net/batman-adv/main.c (string)

2 : net/batman-adv/network-coding.c (string)

3 : net/batman-adv/translation-table.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e (string)

}

5 : { »

url : https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68 (string)

}

]

x_generator : { »

engine : bippy-1.2.0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: batman-adv: fix error handling Syzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was in wrong error handling in batadv_mesh_init(). Before this patch batadv_mesh_init() was calling batadv_mesh_free() in case of any batadv_*_init() calls failure. This approach may work well, when there is some kind of indicator, which can tell which parts of batadv are initialized; but there isn't any. All written above lead to cleaning up uninitialized fields. Even if we hide ODEBUG warning by initializing bat_priv->nc.work, syzbot was able to hit GPF in batadv_nc_purge_paths(), because hash pointer in still NULL. [1] To fix these bugs we can unwind batadv_*_init() calls one by one. It is good approach for 2 reasons: 1) It fixes bugs on error handling path 2) It improves the performance, since we won't call unneeded batadv_*_free() functions. So, this patch makes all batadv_*_init() clean up all allocated memory before returning with an error to no call correspoing batadv_*_free() and open-codes batadv_mesh_free() with proper order to avoid touching uninitialized fields. (string)

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

negate : false (boolean)

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.4.293 (string)

versionStartIncluding : 2.6.38 (string)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.9.289 (string)

versionStartIncluding : 2.6.38 (string)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.14.254 (string)

versionStartIncluding : 2.6.38 (string)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.19.215 (string)

versionStartIncluding : 2.6.38 (string)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.4.157 (string)

versionStartIncluding : 2.6.38 (string)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.10.77 (string)

versionStartIncluding : 2.6.38 (string)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.14.16 (string)

versionStartIncluding : 2.6.38 (string)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.15 (string)

versionStartIncluding : 2.6.38 (string)

}

]

operator : OR (string)

}

]

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T07:12:02.779Z (string)

}

cveMetadata : { »

cveId : CVE-2021-47482 (string)

state : PUBLISHED (string)

dateUpdated : 2025-05-04T07:12:02.779Z (string)

dateReserved : 2024-05-22T06:20:56.200Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-05-22T08:19:34.174Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1E4D506-01FA-4F4C-95E2-BCECF5E233B6", "versionEndExcluding": "4.4.293", "versionStartIncluding": "2.6.38", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3C36E651-9DAF-456A-BF26-911C6969C788", "versionEndExcluding": "4.9.289", "versionStartIncluding": "4.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5B52B53-46CA-466D-A89D-BBB72ED073BF", "versionEndExcluding": "4.14.254", "versionStartIncluding": "4.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "254BE7BF-D39E-4928-A0AD-B6BBBCACF09C", "versionEndExcluding": "4.19.215", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8FBCA21B-424F-4B7F-A9A8-FDD64FE6BD3B", "versionEndExcluding": "5.4.157", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "26EB7ED9-AEA3-4829-8B5E-08571262F72A", "versionEndExcluding": "5.10.77", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2681B950-4548-4649-A9E1-4124B59FC09C", "versionEndExcluding": "5.14.16", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*", "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*", "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*", "matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*", "matchCriteriaId": "AF55383D-4DF2-45DC-93F7-571F4F978EAB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc5:*:*:*:*:*:*", "matchCriteriaId": "9E9481B2-8AA6-4CBD-B5D3-C10F51FF6D01", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc6:*:*:*:*:*:*", "matchCriteriaId": "EBD45831-4B79-42BC-ABC0-86870F0DEA89", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc7:*:*:*:*:*:*", "matchCriteriaId": "948A6B8D-1B72-4945-8680-354E53BE1C80", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: batman-adv: fix error handling\n\nSyzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was\nin wrong error handling in batadv_mesh_init().\n\nBefore this patch batadv_mesh_init() was calling batadv_mesh_free() in case\nof any batadv_*_init() calls failure. This approach may work well, when\nthere is some kind of indicator, which can tell which parts of batadv are\ninitialized; but there isn't any.\n\nAll written above lead to cleaning up uninitialized fields. Even if we hide\nODEBUG warning by initializing bat_priv->nc.work, syzbot was able to hit\nGPF in batadv_nc_purge_paths(), because hash pointer in still NULL. [1]\n\nTo fix these bugs we can unwind batadv_*_init() calls one by one.\nIt is good approach for 2 reasons: 1) It fixes bugs on error handling\npath 2) It improves the performance, since we won't call unneeded\nbatadv_*_free() functions.\n\nSo, this patch makes all batadv_*_init() clean up all allocated memory\nbefore returning with an error to no call correspoing batadv_*_free()\nand open-codes batadv_mesh_free() with proper order to avoid touching\nuninitialized fields."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: batman-adv: correcci\u00f3n de manejo de errores Syzbot inform\u00f3 advertencia ODEBUG en batadv_nc_mesh_free(). El problema estaba en el manejo incorrecto de errores en batadv_mesh_init(). Antes de este parche, batadv_mesh_init() llamaba a batadv_mesh_free() en caso de que fallara alguna llamada a batadv_*_init(). Este enfoque puede funcionar bien cuando hay alg\u00fan tipo de indicador que puede indicar qu\u00e9 partes de batadv est\u00e1n inicializadas; pero no hay ninguno. Todo lo escrito anteriormente conduce a la sanitizaci\u00f3n de campos no inicializados. Incluso si ocultamos la advertencia ODEBUG inicializando bat_priv-&gt;nc.work, syzbot pudo presionar GPF en batadv_nc_purge_paths(), porque el puntero hash todav\u00eda es NULL. [1] Para corregir estos errores podemos desenredar las llamadas batadv_*_init() una por una. Es un buen enfoque por 2 razones: 1) Corrige errores en la ruta de manejo de errores 2) Mejora el rendimiento, ya que no llamaremos a funciones batadv_*_free() innecesarias. Entonces, este parche hace que batadv_*_init() limpie toda la memoria asignada antes de regresar con un error de no llamada correspondiente a batadv_*_free() y c\u00f3digos abiertos batadv_mesh_free() con el orden adecuado para evitar tocar campos no inicializados."}], "id": "CVE-2021-47482", "lastModified": "2025-04-02T15:09:19.797", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-05-22T09:15:10.150", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-544"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : C1E4D506-01FA-4F4C-95E2-BCECF5E233B6 (string)

versionEndExcluding : 4.4.293 (string)

versionStartIncluding : 2.6.38 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3C36E651-9DAF-456A-BF26-911C6969C788 (string)

versionEndExcluding : 4.9.289 (string)

versionStartIncluding : 4.5 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E5B52B53-46CA-466D-A89D-BBB72ED073BF (string)

versionEndExcluding : 4.14.254 (string)

versionStartIncluding : 4.10 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 254BE7BF-D39E-4928-A0AD-B6BBBCACF09C (string)

versionEndExcluding : 4.19.215 (string)

versionStartIncluding : 4.15 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 8FBCA21B-424F-4B7F-A9A8-FDD64FE6BD3B (string)

versionEndExcluding : 5.4.157 (string)

versionStartIncluding : 4.20 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 26EB7ED9-AEA3-4829-8B5E-08571262F72A (string)

versionEndExcluding : 5.10.77 (string)

versionStartIncluding : 5.5 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2681B950-4548-4649-A9E1-4124B59FC09C (string)

versionEndExcluding : 5.14.16 (string)

versionStartIncluding : 5.11 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:* (string)

matchCriteriaId : E46C74C6-B76B-4C94-A6A4-FD2FFF62D644 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:* (string)

matchCriteriaId : 60134C3A-06E4-48C1-B04F-2903732A4E56 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:* (string)

matchCriteriaId : 0460DA88-8FE1-46A2-9DDA-1F1ABA552E71 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:* (string)

matchCriteriaId : AF55383D-4DF2-45DC-93F7-571F4F978EAB (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.15:rc5:*:*:*:*:*:* (string)

matchCriteriaId : 9E9481B2-8AA6-4CBD-B5D3-C10F51FF6D01 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.15:rc6:*:*:*:*:*:* (string)

matchCriteriaId : EBD45831-4B79-42BC-ABC0-86870F0DEA89 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.15:rc7:*:*:*:*:*:* (string)

matchCriteriaId : 948A6B8D-1B72-4945-8680-354E53BE1C80 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: batman-adv: fix error handling Syzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was in wrong error handling in batadv_mesh_init(). Before this patch batadv_mesh_init() was calling batadv_mesh_free() in case of any batadv_*_init() calls failure. This approach may work well, when there is some kind of indicator, which can tell which parts of batadv are initialized; but there isn't any. All written above lead to cleaning up uninitialized fields. Even if we hide ODEBUG warning by initializing bat_priv->nc.work, syzbot was able to hit GPF in batadv_nc_purge_paths(), because hash pointer in still NULL. [1] To fix these bugs we can unwind batadv_*_init() calls one by one. It is good approach for 2 reasons: 1) It fixes bugs on error handling path 2) It improves the performance, since we won't call unneeded batadv_*_free() functions. So, this patch makes all batadv_*_init() clean up all allocated memory before returning with an error to no call correspoing batadv_*_free() and open-codes batadv_mesh_free() with proper order to avoid touching uninitialized fields. (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: batman-adv: corrección de manejo de errores Syzbot informó advertencia ODEBUG en batadv_nc_mesh_free(). El problema estaba en el manejo incorrecto de errores en batadv_mesh_init(). Antes de este parche, batadv_mesh_init() llamaba a batadv_mesh_free() en caso de que fallara alguna llamada a batadv_*_init(). Este enfoque puede funcionar bien cuando hay algún tipo de indicador que puede indicar qué partes de batadv están inicializadas; pero no hay ninguno. Todo lo escrito anteriormente conduce a la sanitización de campos no inicializados. Incluso si ocultamos la advertencia ODEBUG inicializando bat_priv->nc.work, syzbot pudo presionar GPF en batadv_nc_purge_paths(), porque el puntero hash todavía es NULL. [1] Para corregir estos errores podemos desenredar las llamadas batadv_*_init() una por una. Es un buen enfoque por 2 razones: 1) Corrige errores en la ruta de manejo de errores 2) Mejora el rendimiento, ya que no llamaremos a funciones batadv_*_free() innecesarias. Entonces, este parche hace que batadv_*_init() limpie toda la memoria asignada antes de regresar con un error de no llamada correspondiente a batadv_*_free() y códigos abiertos batadv_mesh_free() con el orden adecuado para evitar tocar campos no inicializados. (string)

}

]

id : CVE-2021-47482 (string)

lastModified : 2025-04-02T15:09:19.797 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 5.3 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.6 (number)

impactScore : 3.6 (number)

source : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

type : Secondary (string)

}

]

}

published : 2024-05-22T09:15:10.150 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73 (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68 (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347 (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8 (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00 (string)

}

7 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/07533f1a673ce1126d0a72ef1e4b5eaaa3dd6d20 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/0c6b199f09be489c48622537a550787fc80aea73 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/6422e8471890273994fe8cc6d452b0dcd2c9483e (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/6f68cd634856f8ca93bafd623ba5357e0f648c68 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/a8f7359259dd5923adc6129284fdad12fc5db347 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/b0a2cd38553c77928ef1646ed1518486b1e70ae8 (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/e50f957652190b5a88a8ebce7e5ab14ebd0d3f00 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/fbf150b16a3635634b7dfb7f229d8fcd643c6c51 (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Analyzed (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-544 (string)

}

]

source : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

type : Secondary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "kernel: net: batman-adv: fix error handling", "id": "2282941", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282941"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: batman-adv: fix error handling\nSyzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was\nin wrong error handling in batadv_mesh_init().\nBefore this patch batadv_mesh_init() was calling batadv_mesh_free() in case\nof any batadv_*_init() calls failure. This approach may work well, when\nthere is some kind of indicator, which can tell which parts of batadv are\ninitialized; but there isn't any.\nAll written above lead to cleaning up uninitialized fields. Even if we hide\nODEBUG warning by initializing bat_priv->nc.work, syzbot was able to hit\nGPF in batadv_nc_purge_paths(), because hash pointer in still NULL. [1]\nTo fix these bugs we can unwind batadv_*_init() calls one by one.\nIt is good approach for 2 reasons: 1) It fixes bugs on error handling\npath 2) It improves the performance, since we won't call unneeded\nbatadv_*_free() functions.\nSo, this patch makes all batadv_*_init() clean up all allocated memory\nbefore returning with an error to no call correspoing batadv_*_free()\nand open-codes batadv_mesh_free() with proper order to avoid touching\nuninitialized fields."], "name": "CVE-2021-47482", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47482\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47482\nhttps://lore.kernel.org/linux-cve-announce/2024052238-CVE-2021-47482-5612@gregkh/T"], "threat_severity": "Low"}

{

bugzilla : { »

description : kernel: net: batman-adv: fix error handling (string)

id : 2282941 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2282941 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 5.5 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

status : draft (string)

}

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: net: batman-adv: fix error handling Syzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was in wrong error handling in batadv_mesh_init(). Before this patch batadv_mesh_init() was calling batadv_mesh_free() in case of any batadv_*_init() calls failure. This approach may work well, when there is some kind of indicator, which can tell which parts of batadv are initialized; but there isn't any. All written above lead to cleaning up uninitialized fields. Even if we hide ODEBUG warning by initializing bat_priv->nc.work, syzbot was able to hit GPF in batadv_nc_purge_paths(), because hash pointer in still NULL. [1] To fix these bugs we can unwind batadv_*_init() calls one by one. It is good approach for 2 reasons: 1) It fixes bugs on error handling path 2) It improves the performance, since we won't call unneeded batadv_*_free() functions. So, this patch makes all batadv_*_init() clean up all allocated memory before returning with an error to no call correspoing batadv_*_free() and open-codes batadv_mesh_free() with proper order to avoid touching uninitialized fields. (string)

]

name : CVE-2021-47482 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-05-22T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2021-47482 https://nvd.nist.gov/vuln/detail/CVE-2021-47482 https://lore.kernel.org/linux-cve-announce/2024052238-CVE-2021-47482-5612@gregkh/T (string)

]

threat_severity : Low (string)

}

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object