
CVE-2021-47612: Vulnerability in Linux Linux

Medium
Published: Wed Jun 19 2024 (06/19/2024, 14:58:01 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

nfc: fix segfault in nfc_genl_dump_devices_done

When kmalloc in nfc_genl_dump_devices() fails then nfc_genl_dump_devices_done() segfaults as below

KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
CPU: 0 PID: 25 Comm: kworker/0:1 Not tainted 5.16.0-rc4-01180-g2a987e65025e-dirty #5
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-6.fc35 04/01/2014
Workqueue: events netlink_sock_destruct_work
RIP: 0010:klist_iter_exit+0x26/0x80
Call Trace:
<TASK>
class_dev_iter_exit+0x15/0x20
nfc_genl_dump_devices_done+0x3b/0x50
genl_lock_done+0x84/0xd0
netlink_sock_destruct+0x8f/0x270
__sk_destruct+0x64/0x3b0
sk_destruct+0xa8/0xd0
__sk_free+0x2e8/0x3d0
sk_free+0x51/0x90
netlink_sock_destruct_work+0x1c/0x20
process_one_work+0x411/0x710
worker_thread+0x6fd/0xa80

AI-Powered Analysis

Last updated: 06/30/2025, 15:26:48 UTC

Technical Analysis

CVE-2021-47612 is a vulnerability identified in the Linux kernel's NFC (Near Field Communication) subsystem, specifically within the nfc_genl_dump_devices_done() function. The issue arises when the kernel memory allocation function kmalloc fails during the execution of nfc_genl_dump_devices(). This failure leads to a null pointer dereference in nfc_genl_dump_devices_done(), causing a segmentation fault (segfault). The segfault is confirmed by Kernel Address Sanitizer (KASAN) reports indicating a null pointer dereference at a low memory address range. The call trace shows the fault occurs during the cleanup and destruction of netlink sockets related to NFC device enumeration. This vulnerability can cause a kernel crash (denial of service) when the NFC subsystem attempts to dump device information and memory allocation fails. The affected Linux kernel versions include those identified by the commit hash 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, which suggests a specific patch or kernel state before the fix was applied. There are no known exploits in the wild, and no CVSS score has been assigned yet. The vulnerability does not appear to allow privilege escalation or arbitrary code execution but can impact system availability by causing kernel panics or crashes when NFC device enumeration is triggered under low-memory conditions or other kmalloc failure scenarios.
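
The failure path described above, as an added user-space model in C; it is not kernel source and not code from this page. The names dump_devices, dump_devices_done, model_alloc and fail_alloc are hypothetical stand-ins, and the model shows a done callback that tolerates an iterator that was never allocated.

```c
/* Added example: user-space model of a dump/done callback pair.
 * All names are hypothetical stand-ins, not kernel source. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

struct dev_iter { int live; };          /* stands in for the device iterator */
struct dump_cb { uintptr_t args[1]; };  /* stands in for the netlink callback state */

static int fail_alloc;                  /* knob: simulate an allocation failure */

static void *model_alloc(size_t n) { return fail_alloc ? NULL : malloc(n); }

/* Dump step: allocates the iterator on first use and parks it in args[0]. */
static int dump_devices(struct dump_cb *cb)
{
    struct dev_iter *iter = (struct dev_iter *)cb->args[0];

    if (!iter) {
        iter = model_alloc(sizeof(*iter));
        if (!iter)
            return -12;                 /* -ENOMEM; args[0] is still 0 */
        iter->live = 1;
        cb->args[0] = (uintptr_t)iter;
    }
    return 0;
}

/* Done step: runs at teardown even if the dump step failed, so it must
 * accept a never-allocated iterator. Returns 1 if it released one. */
static int dump_devices_done(struct dump_cb *cb)
{
    struct dev_iter *iter = (struct dev_iter *)cb->args[0];

    if (!iter)
        return 0;   /* without this check the next line dereferences NULL */
    iter->live = 0;                     /* models the iterator exit call */
    free(iter);
    cb->args[0] = 0;
    return 1;
}

int main(void)
{
    struct dump_cb cb = { { 0 } };
    fail_alloc = 1;                     /* constructed failure scenario */
    int rc = dump_devices(&cb);
    printf("dump=%d done=%d\n", rc, dump_devices_done(&cb));
    return 0;
}
```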

Potential Impact

For European organizations, the primary impact of CVE-2021-47612 is the potential for denial of service on Linux systems utilizing NFC functionality. This could disrupt services or operations relying on NFC communication, such as secure access control, contactless payments, or device pairing in industrial or enterprise environments. While the vulnerability does not directly expose confidentiality or integrity risks, the availability impact could be significant in environments where uptime and reliability are critical, such as manufacturing plants, transportation systems, or financial institutions using NFC-enabled devices. Organizations running Linux kernels with NFC support in embedded devices, IoT gateways, or servers could experience unexpected reboots or service interruptions if the vulnerability is triggered. The lack of known exploits reduces immediate risk, but the vulnerability should be addressed promptly to avoid potential exploitation or accidental crashes.

Mitigation Recommendations

1. Apply the latest Linux kernel updates that include the patch fixing this vulnerability. The patch addresses the null pointer dereference by properly handling kmalloc failure scenarios in the NFC subsystem.
2. If immediate patching is not possible, consider disabling NFC support in the kernel or unloading the NFC kernel modules (e.g., nfc, nfc_genl) to prevent the vulnerable code from executing.
3. Monitor system logs for kernel warnings or crashes related to NFC device enumeration or netlink socket destruction to detect potential exploitation attempts or accidental triggers.
4. Implement resource monitoring and limits to reduce the likelihood of kmalloc failures due to memory exhaustion, such as configuring cgroups or system memory limits.
5. For critical systems, conduct controlled testing of NFC functionality after patching to ensure stability and confirm the vulnerability is mitigated.
6. Maintain an inventory of Linux systems with NFC enabled and prioritize patching based on exposure and criticality.


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-06-19T14:55:32.795Z
CISA Enriched: true
CVSS Version: null
State: PUBLISHED

Threat ID: 682d9834c4522896dcbe95c8

Added to database: 5/21/2025, 9:09:08 AM

Last enriched: 6/30/2025, 3:26:48 PM

Last updated: 8/14/2025, 9:50:02 AM
