CVE-2021-47211

Summary

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: fix null pointer dereference on pointer cs_desc

The pointer cs_desc return from snd_usb_find_clock_source could be null, so there is a potential null pointer dereference issue. Fix this by adding a null check before dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1dc669fed61a4ec4270a89e5fb3535802cc45668 < 3455984b16eeb6914caf8b59498ef24fcc1f0a78affected
LinuxLinux1dc669fed61a4ec4270a89e5fb3535802cc45668 < 58fa50de595f152900594c28ec9915c169643739affected
LinuxLinux1dc669fed61a4ec4270a89e5fb3535802cc45668 < b97053df0f04747c3c1e021ecbe99db675342954affected
LinuxLinux3.10affected
LinuxLinux0 < 3.10unaffected
LinuxLinux5.10.259 <= 5.10.*unaffected
LinuxLinux5.15.5 <= 5.15.*unaffected
LinuxLinux5.16 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References