The vulnerability, tracked as CVE-2021-47353, is a NULL pointer dereference in the `udf_symlink` function of the Linux kernel. The issue arises because the `epos.bh` variable is assigned the value returned by `udf_tgetblk`, which can be NULL if `sb_getblk` fails. However, `epos.bh` is used without any checks, leading to a possible NULL pointer dereference.
The vulnerability is fixed by adding a check to validate the value of `epos.bh` before using it. This fix has been applied to various Linux kernel versions, including 4.4.276, 4.9.276, 4.14.240, 4.19.198, 5.4.133, 5.10.51, 5.12.18, 5.13.3, and 5.14.
The affected file is `fs/udf/namei.c`. To mitigate this issue, the Linux kernel CVE team recommends updating to the latest stable kernel version. If updating is not possible, individual changes can be cherry-picked from the commits listed in the advisory.
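
To decide which hosts need the update, a kernel release string can be compared against the fixed versions listed above. The following is an added example, not part of the advisory or the kernel project's code. The host names and sample versions are constructed, and the comparison assumes upstream stable version numbering.

```python
import re

# Fixed release per stable branch, taken from the advisory text above.
FIXED_PATCH = {
    (4, 4): 276, (4, 9): 276, (4, 14): 240, (4, 19): 198,
    (5, 4): 133, (5, 10): 51, (5, 12): 18, (5, 13): 3,
}
FIRST_FIXED_BRANCH = (5, 14)  # 5.14 and later branches carry the fix

def classify(release):
    """Classify a `uname -r` style string against the advisory's fixed versions.

    Assumption: the string follows upstream numbering. Vendor kernels that
    backport fixes keep an old base version and need the vendor's advisory;
    5.14 release candidates are not distinguished from 5.14 itself.
    """
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release.strip())
    if not m:
        return "unparsed"
    branch = (int(m.group(1)), int(m.group(2)))
    patch = int(m.group(3) or 0)
    if branch >= FIRST_FIXED_BRANCH:
        return "fixed"
    if branch in FIXED_PATCH:
        return "fixed" if patch >= FIXED_PATCH[branch] else "needs-update"
    # Branch without a fixed release in the advisory (for example an
    # end-of-life branch): the page gives no basis to call it fixed.
    return "no-fix-listed"

def triage(inventory):
    """Return only the hosts not confirmed fixed, mapped to their status."""
    statuses = {host: classify(rel) for host, rel in inventory.items()}
    return {h: s for h, s in statuses.items() if s != "fixed"}

# Constructed sample inventory (hypothetical host names and versions).
SAMPLE = {
    "build-01": "5.10.50-generic",
    "web-02": "5.10.51",
    "db-03": "4.19.198",
    "lab-04": "5.11.22",
    "edge-05": "6.1.0-13-amd64",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE).items()):
        print(f"{host}: {status}")
```

A `no-fix-listed` result means the branch has no fixed release in the list above, so the host should move to a branch that does or be checked against the individual commits.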