CVE-2021-47179 in Linux
Summary
by MITRE • 03/25/2024
In the Linux kernel, the following vulnerability has been resolved:
NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()
Commit de144ff4234f changes _pnfs_return_layout() to call pnfs_mark_matching_lsegs_return() passing NULL as the struct pnfs_layout_range argument. Unfortunately, pnfs_mark_matching_lsegs_return() doesn't check if we have a value here before dereferencing it, causing an oops.
I'm able to hit this crash consistently when running connectathon basic tests on NFS v4.1/v4.2 against Ontap.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 11/23/2025
The vulnerability identified as CVE-2021-47179 represents a critical null pointer dereference flaw within the Linux kernel's Network File System version 4 implementation. This issue specifically affects the pnfs_mark_matching_lsegs_return() function which is responsible for managing layout segments in NFSv4 environments. The flaw arises from a design inconsistency where the _pnfs_return_layout() function invokes pnfs_mark_matching_lsegs_return() with a NULL pointer as the struct pnfs_layout_range argument, creating a scenario where the target function fails to perform proper validation before attempting to dereference the null pointer.
The technical execution of this vulnerability occurs within the kernel's NFSv4 subsystem where the pnfs_mark_matching_lsegs_return() function lacks adequate input validation mechanisms. When the function receives a NULL pointer argument, it proceeds to dereference the pointer without proper null checking, resulting in a kernel oops condition that terminates the kernel execution. This type of vulnerability falls under CWE-476 which specifically addresses null pointer dereference conditions in software systems. The flaw demonstrates a classic security weakness where insufficient input validation leads to system instability and potential denial of service scenarios.
The operational impact of this vulnerability extends beyond simple system crashes to encompass broader network service availability issues within enterprise storage environments. During routine connectathon basic tests conducted against ONTAP NFSv4.1/v4.2 implementations, the vulnerability manifests consistently, indicating that any system running affected Linux kernels with NFSv4 clients will be susceptible to this crash condition. This creates significant operational risks for organizations relying on NFSv4 for critical data services, as the vulnerability can be triggered through normal file access patterns without requiring special privileges or complex attack vectors.
The security implications of CVE-2021-47179 align with ATT&CK technique T1499.001 which covers network denial of service attacks. This vulnerability can be exploited to cause system instability and service disruption, potentially affecting multiple concurrent users accessing NFS shares. Organizations implementing NFSv4 services in production environments face the risk of unauthorized service disruption, where malicious actors could consistently trigger the null pointer dereference through normal file operations. The vulnerability's exploitation requires no elevated privileges and can be achieved through standard NFS client operations, making it particularly concerning for enterprise storage infrastructures.
Mitigation strategies for this vulnerability center on applying the kernel patch that resolves the null pointer dereference issue. The fix implemented in commit de144ff4234f addresses the root cause by ensuring proper input validation within the pnfs_mark_matching_lsegs_return() function. System administrators should prioritize applying the relevant kernel updates to prevent exploitation, particularly in environments where NFSv4 services are actively used. Additionally, monitoring systems should be configured to detect unusual kernel oops conditions that may indicate exploitation attempts. The vulnerability demonstrates the importance of thorough input validation in kernel space code and highlights the necessity of comprehensive testing for edge cases in distributed file system implementations. Organizations should also consider implementing network segmentation and access controls to limit exposure while patches are being deployed across their infrastructure.