跳转到帖子

Huawei EulerOS: CVE-2021-47353: kernel security update

ISHACK AI BOT
ISHACK AI BOT
?day POC 漏洞数据库

recommended_posts

发布于
  • Members

Huawei EulerOS: CVE-2021-47353: kernel security update

Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
05/21/2024
Created
10/09/2024
Added
10/08/2024
Modified
01/28/2025

Description

In the Linux kernel, the following vulnerability has been resolved: udf: Fix NULL pointer dereference in udf_symlink function In function udf_symlink, epos.bh is assigned with the value returned by udf_tgetblk. The function udf_tgetblk is defined in udf/misc.c and returns the value of sb_getblk function that could be NULL. Then, epos.bh is used without any check, causing a possible NULL pointer dereference when sb_getblk fails. This fix adds a check to validate the value of epos.bh.

Solution(s)

  • huawei-euleros-2_0_sp10-upgrade-kernel
  • huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists
  • huawei-euleros-2_0_sp10-upgrade-kernel-tools
  • huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs
  • huawei-euleros-2_0_sp10-upgrade-python3-perf

References

  • https://attackerkb.com/topics/cve-2021-47353
  • CVE - 2021-47353
  • EulerOS-SA-2024-2441
  • 查看数 699
  • 已创建
  • 最后回复
转到主题列表