CVE-2021-47645

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: staging: media: zoran: calculate the right buffer number for zoran_reap_stat_com

On the case tmp_dcim=1, the index of buffer is miscalculated. This generate a NULL pointer dereference later.

So let's fix the calcul and add a check to prevent this to reappear.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8dce4b265a5357731058f69645840dabc718c687affected
LinuxLinux61c3b19f7b9eb7c7838fd35f86566230fefd6550 < bafec1a6ba4b187a7fcdcfce0faebdc623d4ef8eaffected
LinuxLinux61c3b19f7b9eb7c7838fd35f86566230fefd6550 < 7e76f3ed7ab2ae026c6ef9cc23096a7554af8c52affected
LinuxLinux61c3b19f7b9eb7c7838fd35f86566230fefd6550 < 20db2ed1e2f9fcd417fa67853e5154f0c2537d6caffected
LinuxLinux61c3b19f7b9eb7c7838fd35f86566230fefd6550 < 20811bbe685ca3eddd34b0c750860427d7030910affected
LinuxLinux61c3b19f7b9eb7c7838fd35f86566230fefd6550 < e3b86f4e558cea9eed71d894df2f19b10d60a207affected
LinuxLinux2.6.12affected
LinuxLinux5.10affected
LinuxLinux0 < 2.6.12unaffected
LinuxLinux5.2 < 5.10unaffected
LinuxLinux5.10.110 <= 5.10.*unaffected
LinuxLinux5.15.33 <= 5.15.*unaffected
LinuxLinux5.16.19 <= 5.16.*unaffected
LinuxLinux5.17.2 <= 5.17.*unaffected
LinuxLinux5.18 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References