216.73.216.86

CVE-2021-47560

· Published 24/05/2024 15:15 · Modified 24/05/2024 18:09

Labels: CVE-2021-47560 2024-05-24416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2021-47560

Essential information

Published
24/05/2024 15:15
Modified
24/05/2024 18:09
Author
Creator
CISA KEV
No
CWE

Description

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the driver protects itself from events reported for non-existent local ports, but not the CPU port (local port 0), which exists, but lacks a netdev. This can result in a NULL pointer dereference when calling netif_carrier_{on,off}(). Fix this by bailing early when processing an event reported for the CPU port. Problem was only observed when running on top of a buggy emulator.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD
View on NVD

References