In the Linux kernel, the following vulnerability has been resolved:
mlxsw: spectrum: Protect driver from buggy firmware
When processing port up/down events generated by the device's firmware,
the driver protects itself from events reported for non-existent local
ports, but not the CPU port (local port 0), which exists, but lacks a
netdev.
This can result in a NULL pointer dereference when calling
netif_carrier_{on,off}().
Fix this by bailing early when processing an event reported for the CPU
port. Problem was only observed when running on top of a buggy emulator.
Metrics
Affected Vendors & Products
References
History
Mon, 04 Nov 2024 12:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 16 Oct 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Tus |
|
CPEs | cpe:/o:redhat:rhel_aus:8.6 cpe:/o:redhat:rhel_e4s:8.6 cpe:/o:redhat:rhel_tus:8.6 |
|
Vendors & Products |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Tus |
Wed, 16 Oct 2024 02:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Eus
|
|
CPEs | cpe:/o:redhat:rhel_eus:8.8 | |
Vendors & Products |
Redhat rhel Eus
|
Tue, 08 Oct 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:9 cpe:/a:redhat:enterprise_linux:9::nfv cpe:/o:redhat:enterprise_linux:9 |
Tue, 24 Sep 2024 11:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/o:redhat:enterprise_linux:8 |
Tue, 24 Sep 2024 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat enterprise Linux |
|
CPEs | cpe:/a:redhat:enterprise_linux:8::nfv | |
Vendors & Products |
Redhat
Redhat enterprise Linux |
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-05-24T15:12:49.369Z
Updated: 2024-12-19T07:44:50.124Z
Reserved: 2024-05-24T15:11:00.727Z
Link: CVE-2021-47560
Vulnrichment
Updated: 2024-08-04T05:39:59.814Z
NVD
Status : Awaiting Analysis
Published: 2024-05-24T15:15:20.613
Modified: 2024-11-21T06:36:33.497
Link: CVE-2021-47560
Redhat