CVE-2021-47223: 
Linux Kernel vulnerability analysis and mitigation

CVE-2021-47223 is a vulnerability in the Linux kernel's bridge VLAN tunnel implementation that involves a null pointer dereference in the tunnel egress path. The vulnerability was discovered in June 2021 and affects the Linux kernel's networking stack, specifically the bridge VLAN tunnel functionality (Kernel Commit).

The vulnerability occurs due to lockless access in the tunnel egress path. When deleting a VLAN tunnel, the tunneldst pointer is set to NULL without waiting for a grace period while it's still usable, and packets egressing are dereferencing it without proper checking. The issue stems from the bridge VLAN dstmetadata hooks in ingress and egress paths, specifically related to commit 11538d039ac6 (Kernel Commit).

This vulnerability could lead to a null pointer dereference in the Linux kernel's networking stack, potentially causing system crashes or denial of service conditions when processing network traffic through bridge VLAN tunnels (Kernel Commit).

The fix involves using READ/WRITEONCE to annotate the lockless use of tunnelid, implementing RCU for accessing tunnel_dst, and ensuring it is read only once and checked in the egress path. The patch ensures proper RCU protection for the dst pointer and implements proper checking mechanisms in the egress path (Kernel Commit).