VYPR
Medium severity5.5NVD Advisory· Published May 21, 2024· Updated Jun 17, 2026

CVE-2021-47316

CVE-2021-47316

Description

In the Linux kernel, the following vulnerability has been resolved:

nfsd: fix NULL dereference in nfs3svc_encode_getaclres

In error cases the dentry may be NULL.

Before 20798dfe249a, the encoder also checked dentry and d_really_is_positive(dentry), but that looks like overkill to me--zero status should be enough to guarantee a positive dentry.

This isn't the first time we've seen an error-case NULL dereference hidden in the initialization of a local variable in an xdr encoder. But I went back through the other recent rewrites and didn't spot any similar bugs.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Linux/Kernel3 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=5.13,<5.13.4
    • (no CPE)
    • (no CPE)range: 5.13

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.