CVE-2021-47409

Summary

In the Linux kernel, the following vulnerability has been resolved:

usb: dwc2: check return value after calling platform_get_resource()

It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux348becdcc3196addbe882e8a10451744e489e389 < 4b7f4a0eb92bf37bea4cd838c7f83ea42823ca8baffected
LinuxLinux348becdcc3196addbe882e8a10451744e489e389 < a7182993dd8e09f96839ddc3ac54f9b37370d282affected
LinuxLinux348becdcc3196addbe882e8a10451744e489e389 < 8b9c1c33e51d0959f2aec573dfbac0ffd3f5c0b7affected
LinuxLinux348becdcc3196addbe882e8a10451744e489e389 < 2754fa3b73df7d0ae042f3ed6cfd9df9042f6262affected
LinuxLinux348becdcc3196addbe882e8a10451744e489e389 < 337f00a0bc62d7cb7d10ec0b872c79009a1641dfaffected
LinuxLinux348becdcc3196addbe882e8a10451744e489e389 < 856e6e8e0f9300befa87dde09edb578555c99a82affected
LinuxLinux4.11affected
LinuxLinux0 < 4.11unaffected
LinuxLinux4.14.250 <= 4.14.*unaffected
LinuxLinux4.19.210 <= 4.19.*unaffected
LinuxLinux5.4.152 <= 5.4.*unaffected
LinuxLinux5.10.72 <= 5.10.*unaffected
LinuxLinux5.14.11 <= 5.14.*unaffected
LinuxLinux5.15 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References