CVE-2021-47050

Summary

In the Linux kernel, the following vulnerability has been resolved:

memory: renesas-rpc-if: fix possible NULL pointer dereference of resource

The platform_get_resource_byname() can return NULL which would be immediately dereferenced by resource_size(). Instead dereference it after validating the resource.

Addresses-Coverity: Dereference null return value

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxca7d8b980b67f133317525c4273e144116ee1ae5 < 71bcc1b4a1743534d8abdcb57ff912e6bc390438affected
LinuxLinuxca7d8b980b67f133317525c4273e144116ee1ae5 < e16acc3a37f09e18835dc5d8014942c2ef6ca957affected
LinuxLinuxca7d8b980b67f133317525c4273e144116ee1ae5 < a74cb41af7dbe019e4096171f8bc641c7ce910adaffected
LinuxLinuxca7d8b980b67f133317525c4273e144116ee1ae5 < 59e27d7c94aa02da039b000d33c304c179395801affected
LinuxLinux5.9affected
LinuxLinux0 < 5.9unaffected
LinuxLinux5.10.37 <= 5.10.*unaffected
LinuxLinux5.11.21 <= 5.11.*unaffected
LinuxLinux5.12.4 <= 5.12.*unaffected
LinuxLinux5.13 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References