CVE-2021-47223

2024-05-2100:00:00

ubuntu.com

linux kernel

vulnerability

net bridge

vlan tunnel

null pointer dereference

lockless access

tunnel egress path

rcu

dst

kernel patch

cve-2021-47223

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.3%

JSON

In the Linux kernel, the following vulnerability has been resolved: net:
bridge: fix vlan tunnel dst null pointer dereference This patch fixes a
tunnel_dst null pointer dereference due to lockless access in the tunnel
egress path. When deleting a vlan tunnel the tunnel_dst pointer is set to
NULL without waiting a grace period (i.e. while it’s still usable) and
packets egressing are dereferencing it without checking. Use
READ/WRITE_ONCE to annotate the lockless use of tunnel_id, use RCU for
accessing tunnel_dst and make sure it is read only once and checked in the
egress path. The dst is already properly RCU protected so we don’t need to
do anything fancy than to make sure tunnel_id and tunnel_dst are read only
once and checked in the egress path.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< anyUNKNOWN
ubuntu20.04noarchlinux< anyUNKNOWN
ubuntu22.04noarchlinux< anyUNKNOWN
ubuntu23.10noarchlinux< anyUNKNOWN
ubuntu24.04noarchlinux< anyUNKNOWN
ubuntu14.04noarchlinux< anyUNKNOWN
ubuntu16.04noarchlinux< anyUNKNOWN
ubuntu18.04noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws< anyUNKNOWN
ubuntu22.04noarchlinux-aws< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< any	UNKNOWN
ubuntu	20.04	noarch	linux	< any	UNKNOWN
ubuntu	22.04	noarch	linux	< any	UNKNOWN
ubuntu	23.10	noarch	linux	< any	UNKNOWN
ubuntu	24.04	noarch	linux	< any	UNKNOWN
ubuntu	14.04	noarch	linux	< any	UNKNOWN
ubuntu	16.04	noarch	linux	< any	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< any	UNKNOWN