CVE-2021-47265— RDMA: Verify port when creating flow rule

EPSS 0.02% · P4 Updated May 13, 2026

Affected Version Matrix 6

Vendor	Product	Version Range	Status
Linux	Linux	`436f2ad05a0b65b1467ddf51bc68171c381bf844< 8dc1b0e0ca204596c50bcd159ee069ae0f998176`	affected
		`436f2ad05a0b65b1467ddf51bc68171c381bf844< 2adcb4c5a52a2623cd2b43efa7041e74d19f3a5e`	affected
		`3.12`	affected
		`< 3.12`	unaffected
		`5.12.11≤ 5.12.*`	unaffected
		`5.13≤ *`	unaffected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-47265

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

RDMA: Verify port when creating flow rule

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: RDMA: Verify port when creating flow rule Validate port value provided by the user and with that remove no longer needed validation by the driver. The missing check in the mlx5_ib driver could cause to the below oops. Call trace: _create_flow_rule+0x2d4/0xf28 [mlx5_ib] mlx5_ib_create_flow+0x2d0/0x5b0 [mlx5_ib] ib_uverbs_ex_create_flow+0x4cc/0x624 [ib_uverbs] ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0xd4/0x150 [ib_uverbs] ib_uverbs_cmd_verbs.isra.7+0xb28/0xc50 [ib_uverbs] ib_uverbs_ioctl+0x158/0x1d0 [ib_uverbs] do_vfs_ioctl+0xd0/0xaf0 ksys_ioctl+0x84/0xb4 __arm64_sys_ioctl+0x28/0xc4 el0_svc_common.constprop.3+0xa4/0x254 el0_svc_handler+0x84/0xa0 el0_svc+0x10/0x26c Code: b9401260 f9615681 51000400 8b001c20 (f9403c1a)

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于mlx5_ib 驱动程序中缺少检查。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Linux	Linux	436f2ad05a0b65b1467ddf51bc68171c381bf844 ~ 8dc1b0e0ca204596c50bcd159ee069ae0f998176	-
Linux	Linux	3.12	-

II. Public POCs for CVE-2021-47265

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-47265

请登录查看更多情报信息。

Same Patch Batch · Linux · 2024-05-21 · 361 CVEs total

CVE-2021-47432		lib/generic-radix-tree.c: Don't overflow in peek()
CVE-2023-52760		gfs2: Fix slab-use-after-free in gfs2_qd_dealloc
CVE-2023-52757		smb: client: fix potential deadlock when releasing mids
CVE-2023-52755		ksmbd: fix slab out of bounds write in smb_inherit_dacl()
CVE-2023-52754		media: imon: fix access to invalid resource for the second interface
CVE-2023-52753		drm/amd/display: Avoid NULL dereference of timing generator
CVE-2023-52752		smb: client: fix use-after-free bug in cifs_debug_data_proc_show()
CVE-2023-52751		smb: client: fix use-after-free in smb2_query_info_compound()
CVE-2023-52750		arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer
CVE-2023-52749		spi: Fix null dereference on suspend
CVE-2023-52748		f2fs: avoid format-overflow warning
CVE-2022-48710		drm/radeon: fix a possible null pointer dereference
CVE-2023-52742		net: USB: Fix wrong-direction WARNING in plusb.c
CVE-2023-52738		drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini
CVE-2023-52740		powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch
CVE-2023-52739		Fix page corruption caused by racy check in __free_pages
CVE-2023-52741		cifs: Fix use-after-free in rdata->read_into_pages()
CVE-2023-52743		ice: Do not use WQ_MEM_RECLAIM flag for workqueue
CVE-2023-52746		xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()
CVE-2023-52747		IB/hfi1: Restore allocated resources on failed copyout

Showing top 20 of 361 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux

Same vendor: Linux

V. Comments for CVE-2021-47265

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-47265— RDMA: Verify port when creating flow rule

Affected Version Matrix 6

I. Basic Information for CVE-2021-47265

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-47265

III. Intelligence Information for CVE-2021-47265

Same Patch Batch · Linux · 2024-05-21 · 361 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-47265

Leave a comment