CVE-2021-47257: net: ieee802154: fix null deref in parse dev addr

Q: What is the severity of CVE-2021-47257?

CVE-2021-47257 has been classified as a medium severity vulnerability due to its potential to cause a null pointer dereference.

Q: How do I fix CVE-2021-47257?

To fix CVE-2021-47257, update the Linux kernel to versions 4.9.274, 4.14.238, 4.19.196, 5.4.127, 5.10.45, 5.12.12, or 5.13.

Q: What versions of the Linux kernel are affected by CVE-2021-47257?

CVE-2021-47257 affects multiple versions of the Linux kernel up to 5.13.

Q: Which Linux distributions are impacted by CVE-2021-47257?

CVE-2021-47257 primarily affects systems running vulnerable versions of the Linux kernel from Red Hat distributions.

Q: Can CVE-2021-47257 lead to system crashes?

Yes, CVE-2021-47257 can lead to system crashes due to null pointer dereference errors when the user sets the mode incorrectly.

Published May 21, 2024

Updated

In the Linux kernel, the following vulnerability has been resolved:

net: ieee802154: fix null deref in parse dev addr

Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type.

Other sources

In the Linux kernel, the following vulnerability has been resolved:

net: ieee802154: fix null deref in parse dev addr

The Linux kernel CVE team has assigned CVE-2021-47257 to this issue.

Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2021-47257-1d1c@gregkh/T

— Red Hat

Affected Software

21 affected componentsFixes available

redhat/kernel<4.9.274

4.9.274

redhat/kernel<4.14.238

4.14.238

redhat/kernel<4.19.196

4.19.196

redhat/kernel<5.4.127

5.4.127

redhat/kernel<5.10.45

5.10.45

redhat/kernel<5.12.12

5.12.12

redhat/kernel<5.13

5.13

Linux Linux kernel<4.9.274

Linux Linux kernel>=4.10<4.14.238

Linux Linux kernel>=4.15<4.19.196

Linux Linux kernel>=4.20<5.4.127

Linux Linux kernel>=5.5<5.10.45

Linux Linux kernel>=5.11<5.12.12

Linux Linux kernel=5.13-rc1

Linux Linux kernel=5.13-rc2

Linux Linux kernel=5.13-rc3

Linux Linux kernel=5.13-rc4

IBM Security Verify Governance<=ISVG 10.0.2

IBM Security Verify Governance, Identity Manager Software Stack<=ISVG 10.0.2

IBM Security Verify Governance, Identity Manager Virtual Appliance<=ISVG 10.0.2

IBM Security Verify Governance Identity Manager Container<=ISVG 10.0.2

Remediation

Event History

May 21, 2024

CVE Published

via MITRE·02:19 PM

Data Sourced

via MITRE·02:19 PM

Description

May 22, 2024

Data Sourced

via Red Hat·02:36 PM

DescriptionSeverityAffected Software

Parent advisories

This vulnerability appears in the following advisories.

IBM-7230443

Frequently Asked Questions

What is the severity of CVE-2021-47257?

CVE-2021-47257 has been classified as a medium severity vulnerability due to its potential to cause a null pointer dereference.

How do I fix CVE-2021-47257?

To fix CVE-2021-47257, update the Linux kernel to versions 4.9.274, 4.14.238, 4.19.196, 5.4.127, 5.10.45, 5.12.12, or 5.13.

What versions of the Linux kernel are affected by CVE-2021-47257?

CVE-2021-47257 affects multiple versions of the Linux kernel up to 5.13.

Which Linux distributions are impacted by CVE-2021-47257?

CVE-2021-47257 primarily affects systems running vulnerable versions of the Linux kernel from Red Hat distributions.

Can CVE-2021-47257 lead to system crashes?

Yes, CVE-2021-47257 can lead to system crashes due to null pointer dereference errors when the user sets the mode incorrectly.

CVE-2021-47257: net: ieee802154: fix null deref in parse dev addr

Other sources

Affected Software

Remediation

Patch Available

Patch Available

Patch Available

Patch Available

Patch Available

Patch Available

Patch Available

Event History

Parent advisories

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2021-47257?

How do I fix CVE-2021-47257?

What versions of the Linux kernel are affected by CVE-2021-47257?

Which Linux distributions are impacted by CVE-2021-47257?

Can CVE-2021-47257 lead to system crashes?

Company

Resources

Contact