CVE-2021-47095: Vulnerability in the Linux kernel

Medium
Published: Mon Mar 04 2024 (03/04/2024, 18:10:46 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

ipmi: ssif: initialize ssif_info->client early

During probe ssif_info->client is dereferenced in error path. However, it is set when some of the error checking has already been done. This causes following kernel crash if an error path is taken:

    [ 30.645593][ T674] ipmi_ssif 0-000e: ipmi_ssif: Not probing, Interface already present
    [ 30.657616][ T674] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000088
    ...
    [ 30.657723][ T674] pc : __dev_printk+0x28/0xa0
    [ 30.657732][ T674] lr : _dev_err+0x7c/0xa0
    ...
    [ 30.657772][ T674] Call trace:
    [ 30.657775][ T674] __dev_printk+0x28/0xa0
    [ 30.657778][ T674] _dev_err+0x7c/0xa0
    [ 30.657781][ T674] ssif_probe+0x548/0x900 [ipmi_ssif 62ce4b08badc1458fd896206d9ef69a3c31f3d3e]
    [ 30.657791][ T674] i2c_device_probe+0x37c/0x3c0
    ...

Initialize ssif_info->client before any error path can be taken. Clear i2c_client data in the error path to prevent the dangling pointer from leaking.

AI-Powered Analysis

Last updated: 06/30/2025, 21:26:33 UTC

Technical Analysis

CVE-2021-47095 is a vulnerability in the Linux kernel's IPMI (Intelligent Platform Management Interface) subsystem, specifically in the SSIF (SMBus System Interface) driver. The issue arises during probe: ssif_info->client is dereferenced in error handling paths before it has been initialized. The result is a NULL pointer dereference that crashes the kernel (kernel panic). The crash logs indicate that when the probe detects an interface already present, the error path attempts to access ssif_info->client, which is still NULL, resulting in an invalid memory access. The fix initializes ssif_info->client early in the probe process and clears the i2c_client data in error paths to prevent dangling pointers and subsequent kernel crashes. This vulnerability affects Linux kernel versions identified by the given commit hashes and was publicly disclosed in March 2024. No known exploits are reported in the wild as of the publication date, and no CVSS score has been assigned yet.
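The ordering problem and its fix can be seen in a small user-space model, added here as an illustration; it is not the ipmi_ssif driver source. The struct layouts, `err_via_info`, `probe_before`, `probe_after` and `oops_count` are constructed names, and the NULL access is counted rather than performed so the program can run.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed user-space model of the probe ordering; not the ipmi_ssif source. */
struct i2c_client { const char *name; void *clientdata; };
struct ssif_info  { struct i2c_client *client; };

static int would_oops; /* error-path accesses made through a NULL client */

/* Stand-in for an error print that reaches the device via ssif_info->client. */
static void err_via_info(const struct ssif_info *info, const char *msg)
{
    if (!info->client) { would_oops++; return; } /* the kernel dereferences here */
    fprintf(stderr, "%s: %s\n", info->client->name, msg);
}

/* Before the fix: client is assigned only after a check that can fail. */
static int probe_before(struct i2c_client *c, struct ssif_info *info, int present)
{
    if (present) { err_via_info(info, "probe failed"); return -1; }
    info->client = c;
    c->clientdata = info;
    return 0;
}

/* After the fix: assign first; on failure clear clientdata (no stale pointer). */
static int probe_after(struct i2c_client *c, struct ssif_info *info, int present)
{
    info->client = c;
    c->clientdata = info;
    if (present) {
        err_via_info(info, "probe failed");
        c->clientdata = NULL;
        return -1;
    }
    return 0;
}

/* Run one failing probe; return the NULL accesses made, or -1 if clientdata leaked. */
int oops_count(int fixed)
{
    struct i2c_client c = { "ipmi_ssif 0-000e", NULL };
    struct ssif_info info = { NULL };
    would_oops = 0;
    if (fixed) probe_after(&c, &info, 1); else probe_before(&c, &info, 1);
    return c.clientdata ? -1 : would_oops;
}

int main(void) { printf("before=%d after=%d\n", oops_count(0), oops_count(1)); return 0; }
```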

Potential Impact

For European organizations, this vulnerability poses a risk primarily to systems running vulnerable Linux kernel versions with IPMI SSIF support enabled. IPMI is commonly used in server management for out-of-band monitoring and control, especially in data centers and enterprise environments. A kernel crash triggered by this vulnerability can lead to denial of service (DoS) conditions, disrupting critical infrastructure and services. This can affect availability of servers hosting business-critical applications, cloud services, or industrial control systems. While the vulnerability does not directly lead to privilege escalation or data leakage, the resulting system instability can cause operational downtime and potential cascading failures in tightly integrated environments. Organizations relying on Linux-based servers with IPMI SSIF enabled should consider the impact on service continuity and incident response capabilities.

Mitigation Recommendations

To mitigate CVE-2021-47095, European organizations should:

1) Apply the official Linux kernel patches that initialize ssif_info->client early and clear i2c_client data in error paths as soon as they are available.
2) Identify and inventory all Linux systems running kernel versions affected by this vulnerability, focusing on those with IPMI SSIF enabled.
3) Where patching is not immediately feasible, consider disabling the IPMI SSIF interface if it is not required for system management, to reduce attack surface.
4) Implement robust monitoring for kernel panics and system crashes to detect potential exploitation attempts or instability caused by this issue.
5) Ensure that system recovery procedures and backups are tested and ready to minimize downtime in case of crashes.
6) Coordinate with hardware vendors and Linux distribution maintainers for timely updates and advisories related to this vulnerability.

Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-02-29T22:33:44.300Z
Cisa Enriched: true
Cvss Version: null
State: PUBLISHED

Threat ID: 682d9834c4522896dcbe9cee

Added to database: 5/21/2025, 9:09:08 AM

Last enriched: 6/30/2025, 9:26:33 PM

Last updated: 8/14/2025, 7:02:04 PM
