CVE-2021-47120

Summary

In the Linux kernel, the following vulnerability has been resolved:

HID: magicmouse: fix NULL-deref on disconnect

Commit 9d7b18668956 ("HID: magicmouse: add support for Apple Magic Trackpad 2") added a sanity check for an Apple trackpad but returned success instead of -ENODEV when the check failed. This means that the remove callback will dereference the never-initialised driver data pointer when the driver is later unbound (e.g. on USB disconnect).

Affected Software

VendorProductVersion RangeStatus
LinuxLinux9d7b18668956c411a422d04c712994c5fdb23a4b < 368c5d45a87e1bcc7f1e98e0c255c37b7b12c5d6affected
LinuxLinux9d7b18668956c411a422d04c712994c5fdb23a4b < b5d013c4c76b276890135b5d32803c4c63924b77affected
LinuxLinux9d7b18668956c411a422d04c712994c5fdb23a4b < 9cf27473f21913a3eaf4702dd2a25415afd5f33faffected
LinuxLinux9d7b18668956c411a422d04c712994c5fdb23a4b < 4b4f6cecca446abcb686c6e6c451d4f1ec1a7497affected
LinuxLinux4.20affected
LinuxLinux0 < 4.20unaffected
LinuxLinux5.4.125 <= 5.4.*unaffected
LinuxLinux5.10.43 <= 5.10.*unaffected
LinuxLinux5.12.10 <= 5.12.*unaffected
LinuxLinux5.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References