CVE-2021-47332

Summary

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usx2y: Don't call free_pages_exact() with NULL address

Unlike some other functions, we can't pass NULL pointer to free_pages_exact(). Add a proper NULL check for avoiding possible Oops.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux36b8defc447627c3e91058c43941ec15d827556e < 88262229b778f4f7a896da828d966f94dcb35d19affected
LinuxLinux36b8defc447627c3e91058c43941ec15d827556e < 7d7f30cf182e55023fa8fde4c084b2d37c6be69daffected
LinuxLinux36b8defc447627c3e91058c43941ec15d827556e < bee295f5e03510252d18b25cc1d26230256eb87aaffected
LinuxLinux36b8defc447627c3e91058c43941ec15d827556e < 82e5ee742fdd8874fe996181b87fafe1eb5f1196affected
LinuxLinux36b8defc447627c3e91058c43941ec15d827556e < cae0cf651adccee2c3f376e78f30fbd788d0829faffected
LinuxLinux5.2affected
LinuxLinux0 < 5.2unaffected
LinuxLinux5.4.134 <= 5.4.*unaffected
LinuxLinux5.10.52 <= 5.10.*unaffected
LinuxLinux5.12.19 <= 5.12.*unaffected
LinuxLinux5.13.4 <= 5.13.*unaffected
LinuxLinux5.14 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References