{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47257", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-04-10T18:59:19.540Z", "datePublished": "2024-05-21T14:19:51.445Z", "dateUpdated": "2024-12-19T07:38:22.150Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T07:38:22.150Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: fix null deref in parse dev addr\n\nFix a logic error that could result in a null deref if the user sets\nthe mode incorrectly for the given addr type."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ieee802154/nl802154.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "1f95741981c899c4724647291fec5faa3c777185", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "c6998ccfefa652bac3f9b236821e392af43efa1e", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "5f728ec65485625e30f46e5b4917ff023ad29ea0", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "d0f47648b87b6d5f204cb7f3cbce6d36dab85a67", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "fdd51e34f45311ab6e48d2147cbc2904731b9993", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "9fdd04918a452980631ecc499317881c1d120b70", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ieee802154/nl802154.c"], "versions": [{"version": "4.9.274", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.238", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.196", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.127", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.45", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.12.12", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185"}, {"url": "https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e"}, {"url": "https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0"}, {"url": "https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67"}, {"url": "https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627"}, {"url": "https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993"}, {"url": "https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70"}], "title": "net: ieee802154: fix null deref in parse dev addr", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-476", "lang": "en", "description": "CWE-476 NULL Pointer Dereference"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-05-31T18:51:05.818923Z", "id": "CVE-2021-47257", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-07T16:26:45.246Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:08.048Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47257", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-04-10T18:59:19.540Z", "datePublished": "2024-05-21T14:19:51.445Z", "dateUpdated": "2024-11-07T16:26:45.246Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T12:02:26.461Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: fix null deref in parse dev addr\n\nFix a logic error that could result in a null deref if the user sets\nthe mode incorrectly for the given addr type."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ieee802154/nl802154.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "1f95741981c8", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "c6998ccfefa6", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "5f728ec65485", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "d0f47648b87b", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "c7836de2cadd", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "fdd51e34f453", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "9fdd04918a45", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ieee802154/nl802154.c"], "versions": [{"version": "4.9.274", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.238", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.196", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.127", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.45", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.12.12", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185"}, {"url": "https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e"}, {"url": "https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0"}, {"url": "https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67"}, {"url": "https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627"}, {"url": "https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993"}, {"url": "https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70"}], "title": "net: ieee802154: fix null deref in parse dev addr", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:08.048Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70", "tags": ["x_transferred"]}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-47257", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-31T18:51:05.818923Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-31T18:51:09.713Z"}}]}}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: fix null deref in parse dev addr\n\nFix a logic error that could result in a null deref if the user sets\nthe mode incorrectly for the given addr type."}, {"lang": "es", "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: ieee802154: corrige el deref null en analizar dev addr. Se corrige un error l\u00f3gico que podr\u00eda resultar en un deref null si el usuario configura el modo incorrectamente para el tipo de direcci\u00f3n dado."}], "id": "CVE-2021-47257", "lastModified": "2024-11-21T06:35:44.263", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-05-21T15:15:14.460", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:5102", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:5101", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.16.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}], "bugzilla": {"description": "kernel: net: ieee802154: fix null deref in parse dev addr", "id": "2282553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282553"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: ieee802154: fix null deref in parse dev addr\nFix a logic error that could result in a null deref if the user sets\nthe mode incorrectly for the given addr type."], "name": "CVE-2021-47257", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47257\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47257\nhttps://lore.kernel.org/linux-cve-announce/2024052146-CVE-2021-47257-1d1c@gregkh/T"], "threat_severity": "Low"}