CVE-2021-47331

Summary

In the Linux kernel, the following vulnerability has been resolved:

usb: common: usb-conn-gpio: fix NULL pointer dereference of charger

When power on system with OTG cable, IDDIG's interrupt arises before the charger registration, it will cause a NULL pointer dereference, fix the issue by registering the power supply before requesting IDDIG/VBUS irq.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe3ee0e740c3887d2293e8d54a8707218d70d86ca < 8e8d910e9a3a7fba86140aff4924c30955ab228baffected
LinuxLinuxe3ee0e740c3887d2293e8d54a8707218d70d86ca < 436906fd248e018403bcda61a9311d9af02912f1affected
LinuxLinuxe3ee0e740c3887d2293e8d54a8707218d70d86ca < 1a133a0996d6b4c83509d570ed4edcba34c44f25affected
LinuxLinuxe3ee0e740c3887d2293e8d54a8707218d70d86ca < 880287910b1892ed2cb38977893b947382a09d21affected
LinuxLinux5.9affected
LinuxLinux0 < 5.9unaffected
LinuxLinux5.10.52 <= 5.10.*unaffected
LinuxLinux5.12.19 <= 5.12.*unaffected
LinuxLinux5.13.4 <= 5.13.*unaffected
LinuxLinux5.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References