PT-2024-11483 · Linux+3 · Linux Kernel+3

Lorenzo Bianconi

Published

2021-11-18

Updated

2024-08-19

CVE-2021-47540

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel version 5.10.75

Description A NULL pointer dereference vulnerability has been resolved in the Linux kernel. The issue occurred in the mt7915 get phy mode routine when adding an IBSS interface to the mt7915 driver. This vulnerability could lead to a kernel crash or potentially allow an attacker to execute arbitrary code.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for the NULL pointer dereference in the mt7915 get phy mode routine. As a temporary workaround, consider disabling the IBSS interface on the mt7915 driver until a patch is available.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2025-14246

CVE-2021-47540

OPENSUSE-SU-2024_2185-1

OPENSUSE-SU-2024_2189-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2010-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2185-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2024-11483 · Linux+3 · Linux Kernel+3

CVE-2021-47540

Weakness Enumeration

Related Identifiers

Affected Products

References · 1430