0.0
NA
CVE-2021-47085
Apache HTTP Server Cross-Site Request Forgery
Description

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

INFO

Published Date :

March 4, 2024, 6:15 p.m.

Last Modified :

March 19, 2024, 2:15 p.m.

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Remotely Exploitable :

No

Impact Score :

Exploitability Score :

Public PoC/Exploit Available at Github

CVE-2021-47085 has a 1 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2021-47085 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

: Total Affected Vendor : 0 | Products : 0

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
NaInSec/CVE-LIST

Ini adalah repository kumpulan CVE v.5

allcve cve cvelist newcve

Updated: 1 month, 3 weeks ago
2 stars 0 fork 0 watcher
Born at : March 24, 2024, 3:01 p.m. This repo has been linked 1214 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2021-47085 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2021-47085 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Rejected by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Mar. 19, 2024

    Action Type Old Value New Value
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Mar. 19, 2024

    Action Type Old Value New Value
    Changed Description In the Linux kernel, the following vulnerability has been resolved: hamradio: improve the incomplete fix to avoid NPD The previous commit 3e0588c291d6 ("hamradio: defer ax25 kfree after unregister_netdev") reorder the kfree operations and unregister_netdev operation to prevent UAF. This commit improves the previous one by also deferring the nullify of the ax->tty pointer. Otherwise, a NULL pointer dereference bug occurs. Partial of the stack trace is shown below. BUG: kernel NULL pointer dereference, address: 0000000000000538 RIP: 0010:ax_xmit+0x1f9/0x400 ... Call Trace: dev_hard_start_xmit+0xec/0x320 sch_direct_xmit+0xea/0x240 __qdisc_run+0x166/0x5c0 __dev_queue_xmit+0x2c7/0xaf0 ax25_std_establish_data_link+0x59/0x60 ax25_connect+0x3a0/0x500 ? security_socket_connect+0x2b/0x40 __sys_connect+0x96/0xc0 ? __hrtimer_init+0xc0/0xc0 ? common_nsleep+0x2e/0x50 ? switch_fpu_return+0x139/0x1a0 __x64_sys_connect+0x11/0x20 do_syscall_64+0x33/0x40 entry_SYSCALL_64_after_hwframe+0x44/0xa9 The crash point is shown as below static void ax_encaps(...) { ... set_bit(TTY_DO_WRITE_WAKEUP, &ax->tty->flags); // ax->tty = NULL! ... } By placing the nullify action after the unregister_netdev, the ax->tty pointer won't be assigned as NULL net_device framework layer is well synchronized. Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
    Removed Reference kernel.org https://git.kernel.org/stable/c/371a874ea06f147d6ca30be43dad33683965eba6
    Removed Reference kernel.org https://git.kernel.org/stable/c/83ba6ec97c74fb1a60f7779a26b6a94b28741d8a
    Removed Reference kernel.org https://git.kernel.org/stable/c/a7b0ae2cc486fcb601f9f9d87d98138cc7b7f7f9
    Removed Reference kernel.org https://git.kernel.org/stable/c/b68f41c6320b2b7fbb54a95f07a69f3dc7e56c59
    Removed Reference kernel.org https://git.kernel.org/stable/c/a5c6a13e9056d87805ba3042c208fbd4164ad22b
    Removed Reference kernel.org https://git.kernel.org/stable/c/7dd52af1eb5798f590d9d9e1c56ed8f5744ee0ca
    Removed Reference kernel.org https://git.kernel.org/stable/c/03d00f7f1815ec00dab5035851b3de83afd054a8
    Removed Reference kernel.org https://git.kernel.org/stable/c/b2f37aead1b82a770c48b5d583f35ec22aabb61e
  • CVE Translated by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Mar. 19, 2024

    Action Type Old Value New Value
    Removed Translation Title: kernel de Linux Description: En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: hamradio: mejora la solución incompleta para evitar NPD. El commit anterior 3e0588c291d6 ("hamradio: defer ax25 kfree after unregister_netdev") reordena las operaciones kfree y unregister_netdev para prevenir UAF. Esta confirmación mejora la anterior al diferir también la anulación del puntero ax->tty. De lo contrario, se produce un error de desreferencia del puntero NULL. A continuación se muestra parte del seguimiento de la pila. ERROR: desreferencia del puntero NULL del kernel, dirección: 0000000000000538 RIP: 0010:ax_xmit+0x1f9/0x400... Seguimiento de llamadas: dev_hard_start_xmit+0xec/0x320 sch_direct_xmit+0xea/0x240 __qdisc_run+0x166/0x5c0 __dev_queue_x mit+0x2c7/0xaf0 ax25_std_establecer_data_link+0x59/0x60 ax25_connect+0x3a0/0x500? seguridad_socket_connect+0x2b/0x40 __sys_connect+0x96/0xc0 ? __hrtimer_init+0xc0/0xc0? common_nsleep+0x2e/0x50? switch_fpu_return+0x139/0x1a0 __x64_sys_connect+0x11/0x20 do_syscall_64+0x33/0x40 Entry_SYSCALL_64_after_hwframe+0x44/0xa9 El punto de bloqueo se muestra a continuación static void ax_encaps(...) { ... set_bit(TTY_DO_WRITE_WAKEUP, &ax-> tty->banderas ); // hacha->tty = NULL! ... } Al colocar la acción de anulación después de unregister_netdev, el puntero ax->tty no se asignará ya que la capa de marco NULL net_device está bien sincronizada.
  • CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Mar. 04, 2024

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: hamradio: improve the incomplete fix to avoid NPD The previous commit 3e0588c291d6 ("hamradio: defer ax25 kfree after unregister_netdev") reorder the kfree operations and unregister_netdev operation to prevent UAF. This commit improves the previous one by also deferring the nullify of the ax->tty pointer. Otherwise, a NULL pointer dereference bug occurs. Partial of the stack trace is shown below. BUG: kernel NULL pointer dereference, address: 0000000000000538 RIP: 0010:ax_xmit+0x1f9/0x400 ... Call Trace: dev_hard_start_xmit+0xec/0x320 sch_direct_xmit+0xea/0x240 __qdisc_run+0x166/0x5c0 __dev_queue_xmit+0x2c7/0xaf0 ax25_std_establish_data_link+0x59/0x60 ax25_connect+0x3a0/0x500 ? security_socket_connect+0x2b/0x40 __sys_connect+0x96/0xc0 ? __hrtimer_init+0xc0/0xc0 ? common_nsleep+0x2e/0x50 ? switch_fpu_return+0x139/0x1a0 __x64_sys_connect+0x11/0x20 do_syscall_64+0x33/0x40 entry_SYSCALL_64_after_hwframe+0x44/0xa9 The crash point is shown as below static void ax_encaps(...) { ... set_bit(TTY_DO_WRITE_WAKEUP, &ax->tty->flags); // ax->tty = NULL! ... } By placing the nullify action after the unregister_netdev, the ax->tty pointer won't be assigned as NULL net_device framework layer is well synchronized.
    Added Reference Linux https://git.kernel.org/stable/c/371a874ea06f147d6ca30be43dad33683965eba6 [No types assigned]
    Added Reference Linux https://git.kernel.org/stable/c/83ba6ec97c74fb1a60f7779a26b6a94b28741d8a [No types assigned]
    Added Reference Linux https://git.kernel.org/stable/c/a7b0ae2cc486fcb601f9f9d87d98138cc7b7f7f9 [No types assigned]
    Added Reference Linux https://git.kernel.org/stable/c/b68f41c6320b2b7fbb54a95f07a69f3dc7e56c59 [No types assigned]
    Added Reference Linux https://git.kernel.org/stable/c/a5c6a13e9056d87805ba3042c208fbd4164ad22b [No types assigned]
    Added Reference Linux https://git.kernel.org/stable/c/7dd52af1eb5798f590d9d9e1c56ed8f5744ee0ca [No types assigned]
    Added Reference Linux https://git.kernel.org/stable/c/03d00f7f1815ec00dab5035851b3de83afd054a8 [No types assigned]
    Added Reference Linux https://git.kernel.org/stable/c/b2f37aead1b82a770c48b5d583f35ec22aabb61e [No types assigned]
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2021-47085 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2021-47085 weaknesses.

NONE - Vulnerability Scoring System
: