Linux · Linux Kernel · CVE-2021-47560
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The issue is related to a NULL pointer dereference in the Linux kernel's mlxsw spectrum driver. This occurs when processing port up/down events generated by the device's firmware, specifically for the CPU port (local port 0), which exists but lacks a netdev. The problem was observed when running on top of a buggy emulator. The vulnerability can result in a denial of service.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.