CVE-2021-47380

Summary

In the Linux kernel, the following vulnerability has been resolved:

HID: amd_sfh: Fix potential NULL pointer dereference

devm_add_action_or_reset() can suddenly invoke amd_mp2_pci_remove() at registration that will cause NULL pointer dereference since corresponding data is not initialized yet. The patch moves initialization of data before devm_add_action_or_reset().

Found by Linux Driver Verification project (linuxtesting.org).

[jkosina@suse.cz: rebase]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4f567b9f8141a86c7d878fadf136e5d1408e3e61 < 283e4bee701dfcd409dd293f19a268bb2bc8ff38affected
LinuxLinux4f567b9f8141a86c7d878fadf136e5d1408e3e61 < d46ef750ed58cbeeba2d9a55c99231c30a172764affected
LinuxLinux5.11affected
LinuxLinux0 < 5.11unaffected
LinuxLinux5.14.10 <= 5.14.*unaffected
LinuxLinux5.15 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References