CVE-2021-47560: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

mlxsw: spectrum: Protect driver from buggy firmware

When processing port up/down events generated by the device's firmware, the driver protects itself from events reported for non-existent local ports, but not the CPU port (local port 0), which exists, but lacks a netdev. This can result in a NULL pointer dereference when calling netif_carrier_{on,off}().

Fix this by bailing early when processing an event reported for the CPU port. Problem was only observed when running on top of a buggy emulator.
AI Analysis
Technical Summary
CVE-2021-47560 is a vulnerability in the Linux kernel's mlxsw (Mellanox Spectrum) driver, which manages network switching hardware. The issue arises while the driver processes port up/down events generated by the device's firmware. The driver protects itself from events reported for non-existent local ports, but not from events reported for the CPU port (local port 0). The CPU port exists but has no associated network device (netdev), so calling netif_carrier_on() or netif_carrier_off() for it dereferences a NULL pointer and crashes the kernel (denial of service). The problem was only observed when running on top of a buggy emulator. The fix adds an early exit to the event-processing logic so that events reported for the CPU port are not handled, which prevents the NULL pointer dereference. This vulnerability affects specific Linux kernel versions identified by the commit hash 28b1987ef5064dd5c43538ba1168ef7b801f3cad. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet.
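The missing check can be seen in a small user-space model of the event handler, added here as an illustration; it is not code from the mlxsw driver or from the kernel patch. All names (handle_before, handle_after, run_event, the port table) are hypothetical, and the model returns EV_WOULD_CRASH at the point where the kernel would dereference the NULL netdev.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* User-space model only: every name below is hypothetical, not the mlxsw driver's. */
#define MAX_PORTS 4
#define CPU_PORT  0u

struct netdev { bool carrier; };
struct port   { struct netdev *dev; };      /* dev stays NULL for the CPU port */

enum ev_result { EV_HANDLED, EV_IGNORED, EV_WOULD_CRASH };

/* Before: only non-existent local ports are filtered out. */
static enum ev_result handle_before(struct port *ports[], unsigned lp, bool up)
{
    if (lp >= MAX_PORTS || !ports[lp])
        return EV_IGNORED;
    if (!ports[lp]->dev)        /* the real code would dereference NULL here */
        return EV_WOULD_CRASH;  /* the model reports it instead of crashing */
    ports[lp]->dev->carrier = up;
    return EV_HANDLED;
}

/* After: bail out early for the CPU port, then apply the same range checks. */
static enum ev_result handle_after(struct port *ports[], unsigned lp, bool up)
{
    if (lp == CPU_PORT || lp >= MAX_PORTS || !ports[lp] || !ports[lp]->dev)
        return EV_IGNORED;
    ports[lp]->dev->carrier = up;
    return EV_HANDLED;
}

/* Constructed port table: slot 0 = CPU port (no netdev), slot 1 = front-panel port. */
static enum ev_result run_event(bool patched, unsigned lp)
{
    struct netdev nd = { false };
    struct port cpu = { NULL }, front = { &nd };
    struct port *ports[MAX_PORTS] = { &cpu, &front, NULL, NULL };
    return patched ? handle_after(ports, lp, true) : handle_before(ports, lp, true);
}

int main(void)
{
    printf("CPU port event, before: %d, after: %d\n",
           (int)run_event(false, CPU_PORT), (int)run_event(true, CPU_PORT));
    return 0;
}
```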
Potential Impact
For European organizations, the primary impact of CVE-2021-47560 is the potential for denial of service (DoS) on systems running affected Linux kernel versions with Mellanox Spectrum network drivers. This could lead to unexpected kernel crashes, causing network outages or system downtime. Organizations relying on Linux servers for critical infrastructure, especially those using Mellanox hardware for high-performance networking (such as data centers, cloud providers, and telecommunications), may experience service disruptions. Although exploitation requires the presence of buggy firmware or emulators generating invalid port events, the risk remains for environments using such configurations, including testing or virtualized setups. Confidentiality and integrity impacts are minimal since the vulnerability does not allow code execution or privilege escalation. However, availability degradation could affect business continuity and operational reliability.
Mitigation Recommendations
European organizations should apply the patch provided by the Linux kernel maintainers that introduces early validation to ignore CPU port events, thereby preventing the NULL pointer dereference. Specifically, updating the Linux kernel to a version including the fix identified by commit 28b1987ef5064dd5c43538ba1168ef7b801f3cad is essential. Additionally, organizations should audit their use of Mellanox Spectrum hardware and firmware versions to ensure they are not running buggy firmware that could trigger this issue. For environments using emulators or virtualized testbeds, verify that the emulation software is up to date and does not generate invalid port events. Network monitoring should be enhanced to detect unusual port event activity that could indicate attempts to trigger the vulnerability. Finally, implement robust kernel crash recovery and failover mechanisms to minimize downtime if a crash occurs.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-05-24T15:11:00.727Z
- Cisa Enriched: true
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9833c4522896dcbe9469
Added to database: 5/21/2025, 9:09:07 AM
Last enriched: 6/30/2025, 2:41:05 PM
Last updated: 8/11/2025, 9:05:05 PM