CVE-2021-47631
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
ARM: davinci: da850-evm: Avoid NULL pointer dereference
With newer versions of GCC, there is a panic in da850_evm_config_emac() when booting multi_v5_defconfig in QEMU under the palmetto-bmc machine:
Unable to handle kernel NULL pointer dereference at virtual address 00000020 pgd = (ptrval) [00000020] *pgd=00000000 Internal error: Oops: 5 [#1] PREEMPT ARM Modules linked in: CPU: 0 PID: 1 Comm: swapper Not tainted 5.15.0 #1 Hardware name: Generic DT based system PC is at da850_evm_config_emac+0x1c/0x120 LR is at do_one_initcall+0x50/0x1e0
The emac_pdata pointer in soc_info is NULL because davinci_soc_info only gets populated on davinci machines but da850_evm_config_emac() is called on all machines via device_initcall().
Move the rmii_en assignment below the machine check so that it is only dereferenced when running on a supported SoC.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | bae105879f2f2404155da6f50b3636193d228a62 < c06f476e5b74bcabb8c4a2fba55864a37e62843b | affected |
| Linux | Linux | bae105879f2f2404155da6f50b3636193d228a62 < a12b356d45cbb6e8a1b718d1436b3d6239a862f3 | affected |
| Linux | Linux | bae105879f2f2404155da6f50b3636193d228a62 < c64e2ed5cc376e137e572babfd2edc38b2cfb61b | affected |
| Linux | Linux | bae105879f2f2404155da6f50b3636193d228a62 < 89931d4762572aaee6edbe5673d41f8082de110f | affected |
| Linux | Linux | bae105879f2f2404155da6f50b3636193d228a62 < 0a312ec66a03133d28570f07bc52749ccfef54da | affected |
| Linux | Linux | bae105879f2f2404155da6f50b3636193d228a62 < 0940795c6834fbe7705acc5c3d4b2f7a5f67527a | affected |
| Linux | Linux | bae105879f2f2404155da6f50b3636193d228a62 < c5628533a3ece64235d04fe11ec44d2be99e423d | affected |
| Linux | Linux | bae105879f2f2404155da6f50b3636193d228a62 < 83a1cde5c74bfb44b49cb2a940d044bb2380f4ea | affected |
| Linux | Linux | 2.6.33 | affected |
| Linux | Linux | 0 < 2.6.33 | unaffected |
| Linux | Linux | 4.9.311 <= 4.9.* | unaffected |
| Linux | Linux | 4.14.276 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.239 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.190 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.112 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.35 <= 5.15.* | unaffected |
| Linux | Linux | 5.17.4 <= 5.17.* | unaffected |
| Linux | Linux | 5.18 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/c06f476e5b74bcabb8c4a2fba55864a37e62843b
- https://git.kernel.org/stable/c/a12b356d45cbb6e8a1b718d1436b3d6239a862f3
- https://git.kernel.org/stable/c/c64e2ed5cc376e137e572babfd2edc38b2cfb61b
- https://git.kernel.org/stable/c/89931d4762572aaee6edbe5673d41f8082de110f
- https://git.kernel.org/stable/c/0a312ec66a03133d28570f07bc52749ccfef54da
- https://git.kernel.org/stable/c/0940795c6834fbe7705acc5c3d4b2f7a5f67527a
- https://git.kernel.org/stable/c/c5628533a3ece64235d04fe11ec44d2be99e423d
- https://git.kernel.org/stable/c/83a1cde5c74bfb44b49cb2a940d044bb2380f4ea
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.