CVE-2021-46916

ixgbe: Fix NULL pointer dereference in ethtool loopback test

Description

In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix NULL pointer dereference in ethtool loopback test The ixgbe driver currently generates a NULL pointer dereference when performing the ethtool loopback test. This is due to the fact that there isn't a q_vector associated with the test ring when it is setup as interrupts are not normally added to the test rings. To address this I have added code that will check for a q_vector before returning a napi_id value. If a q_vector is not present it will return a value of 0.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/758d19098df4b0bbca9f40d6ae6c82c9c18b9bba patch
https://git.kernel.org/stable/c/31166efb1cee348eb6314e9c0095d84cbeb66b9d patch

Frequently Asked Questions

What is the severity of CVE-2021-46916?
CVE-2021-46916 has been scored as a medium severity vulnerability.
How to fix CVE-2021-46916?
To fix CVE-2021-46916, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-46916 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2021-46916 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-46916?
CVE-2021-46916 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.