CVE-2021-46283: 
Linux Kernel vulnerability analysis and mitigation

CVE-2021-46283 affects the Linux kernel versions before 5.12.13, specifically in the nftablesnewset function within net/netfilter/nftablesapi.c. The vulnerability was discovered and disclosed in January 2022, allowing local users to cause a denial of service through a NULL pointer dereference and general protection fault. The issue stems from missing initialization for nftsetelemexpralloc (NVD).

The vulnerability occurs due to improper initialization in the nftablesnewset function. Specifically, nftsetelemexpralloc() requires an initialized set if expression sets the NFTEXPRGC flag. The bug manifests as a NULL pointer dereference when accessing uninitialized memory, which can lead to a kernel crash (Kernel Patch). The vulnerability has a CVSS v3.1 Base Score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability allows local users to cause a denial of service condition through a NULL pointer dereference and general protection fault. The impact is limited to system availability, with no direct impact on confidentiality or integrity (NVD).

The vulnerability was fixed in Linux kernel version 5.12.13 by moving set fields initialization before expression setup. Users should upgrade to Linux kernel version 5.12.13 or later to mitigate this vulnerability (Kernel Patch).