U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2021-47312

Change History

New CVE Received from kernel.org 5/21/2024 11:15:18 AM

Action Type Old Value New Value
Added Description

								
							
							
						
In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: Fix dereference of null pointer flow

In the case where chain->flags & NFT_CHAIN_HW_OFFLOAD is false then
nft_flow_rule_create is not called and flow is NULL. The subsequent
error handling execution via label err_destroy_flow_rule will lead
to a null pointer dereference on flow when calling nft_flow_rule_destroy.
Since the error path to err_destroy_flow_rule has to cater for null
and non-null flows, only call nft_flow_rule_destroy if flow is non-null
to fix this issue.

Addresses-Coverity: ("Explicity null dereference")
Added Reference

								
							
							
						
kernel.org https://git.kernel.org/stable/c/4ca041f919f13783b0b03894783deee00dbca19a [No types assigned]
Added Reference

								
							
							
						
kernel.org https://git.kernel.org/stable/c/70a5a1950cca02c5cd161bb3846b4d983eed97d3 [No types assigned]