Executive Summary

Informations
Name CVE-2021-47463 First vendor Publication 2024-05-22
Vendor Cve Last vendor Modification 2025-01-15

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Overall CVSS Score 5.5
Base Score 5.5 Environmental Score 5.5
impact SubScore 3.6 Temporal Score 5.5
Exploitabality Sub Score 1.8
 
Attack Vector Local Attack Complexity Low
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact None
Integrity Impact None Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

mm/secretmem: fix NULL page->mapping dereference in page_is_secretmem()

Check for a NULL page->mapping before dereferencing the mapping in page_is_secretmem(), as the page's mapping can be nullified while gup() is running, e.g. by reclaim or truncation.

BUG: kernel NULL pointer dereference, address: 0000000000000068
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 0 P4D 0
Oops: 0000 [#1] PREEMPT SMP NOPTI
CPU: 6 PID: 4173897 Comm: CPU 3/KVM Tainted: G W
RIP: 0010:internal_get_user_pages_fast+0x621/0x9d0
Code: <48> 81 7a 68 80 08 04 bc 0f 85 21 ff ff 8 89 c7 be
RSP: 0018:ffffaa90087679b0 EFLAGS: 00010046
RAX: ffffe3f37905b900 RBX: 00007f2dd561e000 RCX: ffffe3f37905b934
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffe3f37905b900
...
CR2: 0000000000000068 CR3: 00000004c5898003 CR4: 00000000001726e0
Call Trace:
get_user_pages_fast_only+0x13/0x20
hva_to_pfn+0xa9/0x3e0
try_async_pf+0xa1/0x270
direct_page_fault+0x113/0xad0
kvm_mmu_page_fault+0x69/0x680
vmx_handle_exit+0xe1/0x5d0
kvm_arch_vcpu_ioctl_run+0xd81/0x1c70
kvm_vcpu_ioctl+0x267/0x670
__x64_sys_ioctl+0x83/0xa0
do_syscall_64+0x56/0x80
entry_SYSCALL_64_after_hwframe+0x44/0xae

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47463

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-476 NULL Pointer Dereference

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 6
Os 3485

Sources (Detail)

https://git.kernel.org/stable/c/79f9bc5843142b649575f887dccdf1c07ad75c20
https://git.kernel.org/stable/c/b77ba1e02345bafd703f0d407bdbd88c3be1f767
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
Date Informations
2025-07-15 01:53:52
  • Multiple Updates
2025-07-14 12:17:27
  • Multiple Updates
2025-06-26 01:52:41
  • Multiple Updates
2025-06-25 12:16:54
  • Multiple Updates
2025-06-24 01:57:10
  • Multiple Updates
2025-05-27 01:51:49
  • Multiple Updates
2025-03-29 02:57:53
  • Multiple Updates
2025-03-28 13:28:16
  • Multiple Updates
2025-03-28 02:42:43
  • Multiple Updates
2025-03-18 02:50:30
  • Multiple Updates
2025-03-14 02:40:33
  • Multiple Updates
2025-01-15 21:20:58
  • Multiple Updates
2024-11-25 09:25:24
  • Multiple Updates
2024-05-22 17:27:27
  • Multiple Updates
2024-05-22 13:27:32
  • First insertion