CVE-2021-47095

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Mar 4, 2024

Updated: Jan 7, 2025

CWE ID 476

Summary

CVE-2021-47095 is a vulnerability in the Linux kernel's ipmi (Intelligent Platform Management Interface) subsystem. The issue lies in the ssif driver, where ssif_info->client is dereferenced in an error path despite being set earlier in the probe process. This can lead to a kernel crash due to a NULL pointer dereference. To mitigate the issue, ssif_info->client should be initialized before any error paths, and i2c_client data should be cleared in the error path to prevent dangling pointers.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Linux Kernel

Affected Vendors

LINUX

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/utPDuD
https://www.cve.org/CVERecord?id=CVE-2021-47095
https://nvd.nist.gov/vuln/detail/CVE-2021-47095

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

Know What Matters

For Customers

For Partners