Vulnerabilities > CVE-2021-47591 - NULL Pointer Dereference vulnerability in Linux Kernel

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

linux

CWE-476

NVD

Published: 2024-06-19

Updated: 2024-11-01

Summary

In the Linux kernel, the following vulnerability has been resolved: mptcp: remove tcp ulp setsockopt support TCP_ULP setsockopt cannot be used for mptcp because its already used internally to plumb subflow (tcp) sockets to the mptcp layer. syzbot managed to trigger a crash for mptcp connections that are in fallback mode: KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027] CPU: 1 PID: 1083 Comm: syz-executor.3 Not tainted 5.16.0-rc2-syzkaller #0 RIP: 0010:tls_build_proto net/tls/tls_main.c:776 [inline] [..] __tcp_set_ulp net/ipv4/tcp_ulp.c:139 [inline] tcp_set_ulp+0x428/0x4c0 net/ipv4/tcp_ulp.c:160 do_tcp_setsockopt+0x455/0x37c0 net/ipv4/tcp.c:3391 mptcp_setsockopt+0x1b47/0x2400 net/mptcp/sockopt.c:638 Remove support for TCP_ULP setsockopt.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 5.16 Linux Linux Kernel 5.13 Linux Linux Kernel 5.13.0-52 Linux Linux Kernel 5.13.1 Linux Linux Kernel 5.13.2 Linux Linux Kernel 5.13.3 Linux Linux Kernel 5.13.4 Linux Linux Kernel 5.13.5 Linux Linux Kernel 5.13.6 Linux Linux Kernel 5.13.7 Linux Linux Kernel 5.13.8 Linux Linux Kernel 5.13.9 Linux Linux Kernel 5.13.10 Linux Linux Kernel 5.13.11 Linux Linux Kernel 5.13.12 Linux Linux Kernel 5.13.13 Linux Linux Kernel 5.13.14 Linux Linux Kernel 5.13.15 Linux Linux Kernel 5.13.16 Linux Linux Kernel 5.13.17 Linux Linux Kernel 5.13.18 Linux Linux Kernel 5.13.19 Linux Linux Kernel 5.14 Linux Linux Kernel 5.14.1 Linux Linux Kernel 5.14.2 Linux Linux Kernel 5.14.3 Linux Linux Kernel 5.14.4 Linux Linux Kernel 5.14.5 Linux Linux Kernel 5.14.6 Linux Linux Kernel 5.14.7 Linux Linux Kernel 5.14.8 Linux Linux Kernel 5.14.9 Linux Linux Kernel 5.14.10 Linux Linux Kernel 5.14.11 Linux Linux Kernel 5.14.12 Linux Linux Kernel 5.14.13 Linux Linux Kernel 5.14.14 Linux Linux Kernel 5.14.15 Linux Linux Kernel 5.14.16 Linux Linux Kernel 5.14.17 Linux Linux Kernel 5.14.18 Linux Linux Kernel 5.14.19 Linux Linux Kernel 5.14.20 Linux Linux Kernel 5.14.21 Linux Linux Kernel 5.15 Linux Linux Kernel 5.15.0 Linux Linux Kernel 5.15.0-58 Linux Linux Kernel 5.15.1 Linux Linux Kernel 5.15.2 Linux Linux Kernel 5.15.3 Linux Linux Kernel 5.15.4 Linux Linux Kernel 5.15.5 Linux Linux Kernel 5.15.6 Linux Linux Kernel 5.15.7 Linux Linux Kernel 5.15.8 Linux Linux Kernel 5.15.9 Linux Linux Kernel 5.15.10	82

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References