SB20240621102 - NULL pointer dereference in Linux kernel jfs

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2021-47340)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the jfs_evict_inode() function in fs/jfs/inode.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/7bde24bde490f3139eee147efc6d60d6040fe975
• https://git.kernel.org/stable/c/745c9a59422c63f661f4374ed5181740db4130a1
• https://git.kernel.org/stable/c/49def1b0644892e3b113673c13d650c3060b43bc
• https://git.kernel.org/stable/c/aff8d95b69051d0cf4acc3d91f22299fdbb9dfb3
• https://git.kernel.org/stable/c/a21e5cb1a64c904f1f0ef7b2d386fc7d2b1d2ce2
• https://git.kernel.org/stable/c/8018936950360f1c503bb385e158cfc5e4945d18
• https://git.kernel.org/stable/c/3bb27e27240289b47d3466f647a55c567adbdc3a
• https://git.kernel.org/stable/c/42f102ea1943ecb10a0756bf75424de5d1d5beed
• https://git.kernel.org/stable/c/9d574f985fe33efd6911f4d752de6f485a1ea732
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.240
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.198
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.276
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.276
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.51
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.18
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.133