CVE-2021-47096

Summary

In the Linux kernel, the following vulnerability has been resolved:

ALSA: rawmidi - fix the uninitalized user_pversion

The user_pversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation.

The kernel ALSA sequencer code clears the file structure, so no additional fixes are required.

BugLink: https://github.com/alsa-project/alsa-lib/issues/178

Affected Software

VendorProductVersion RangeStatus
LinuxLinux09d23174402da0f10e98da2c61bb5ac8e7d79fdd < b398fcbe4de1e1100867fdb6f447c6fbc8fe7085affected
LinuxLinux09d23174402da0f10e98da2c61bb5ac8e7d79fdd < 39a8fc4971a00d22536aeb7d446ee4a97810611baffected
LinuxLinux12d50801497235956fb3760be8530f4e44e4ce67affected
LinuxLinux5.14.10 < 5.15affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.12 <= 5.15.*unaffected
LinuxLinux5.16 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References