Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2021-47149 |
CWE-ID | CWE-476 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU90620
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47149
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fmvj18x_get_hwinfo() function in drivers/net/ethernet/fujitsu/fmvj18x_cs.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: All versions
External linkshttp://git.kernel.org/stable/c/b92170e209f7746ed72eaac98f2c2f4b9af734e6
http://git.kernel.org/stable/c/6dbf1101594f7c76990b63c35b5a40205a914b6b
http://git.kernel.org/stable/c/c4f1c23edbe921ab2ecd6140d700e756cd44c5f7
http://git.kernel.org/stable/c/7883d3895d0fbb0ba9bff0f8665f99974b45210f
http://git.kernel.org/stable/c/22049c3d40f08facd1867548716a484dad6b3251
http://git.kernel.org/stable/c/71723a796ab7881f491d663c6cd94b29be5fba50
http://git.kernel.org/stable/c/f14bf57a08779a5dee9936f63ada0149ea89c5e6
http://git.kernel.org/stable/c/52202be1cd996cde6e8969a128dc27ee45a7cb5e
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.