Main Vulnerability Database Vulnerabilities #VU92394

#VU92394 Null pointer dereference in Linux kernel - CVE-2021-46949

Published: June 20, 2024 / Updated: May 13, 2025

Vulnerability identifier: #VU92394

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2021-46949

CWE-ID: CWE-476

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Linux kernel

Software vendor:
Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to null pointer dereference error within the efx_farch_handle_tx_flush_done() function in drivers/net/ethernet/sfc/farch.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's repository.

External links

https://git.kernel.org/stable/c/fb791572d6747ef385f628450f8d57cd132e6e5a
https://git.kernel.org/stable/c/a1570985ec04116cc665b760faf666a104154170
https://git.kernel.org/stable/c/98d91180748986bfb6dfb3e72765f3225719a647
https://git.kernel.org/stable/c/5b1faa92289b53cad654123ed2bc8e10f6ddd4ac
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.36
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.20
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.3
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13

#VU92394 Null pointer dereference in Linux kernel - CVE-2021-46949

Description

Remediation

External links

Please verify you're human