CVE-2021-47211

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2021-47211

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

I

n the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fix null pointer dereference on pointer cs_desc The pointer cs_desc return from snd_usb_find_clock_source could be null, so there is a potential null pointer dereference issue. Fix this by adding a null check before dereference.

References
Link Resource
https://git.kernel.org/stable/c/58fa50de595f152900594c28ec9915c169643739 Patch
https://git.kernel.org/stable/c/b97053df0f04747c3c1e021ecbe99db675342954 Patch
https://git.kernel.org/stable/c/58fa50de595f152900594c28ec9915c169643739 Patch
https://git.kernel.org/stable/c/b97053df0f04747c3c1e021ecbe99db675342954 Patch
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
History

14 Jan 2025, 14:43

Type Values Removed Values Added
CWE CWE-476
First Time Linux linux Kernel
Linux
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
References () https://git.kernel.org/stable/c/58fa50de595f152900594c28ec9915c169643739 - () https://git.kernel.org/stable/c/58fa50de595f152900594c28ec9915c169643739 - Patch
References () https://git.kernel.org/stable/c/b97053df0f04747c3c1e021ecbe99db675342954 - () https://git.kernel.org/stable/c/b97053df0f04747c3c1e021ecbe99db675342954 - Patch

21 Nov 2024, 06:35

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/58fa50de595f152900594c28ec9915c169643739 - () https://git.kernel.org/stable/c/58fa50de595f152900594c28ec9915c169643739 -
References () https://git.kernel.org/stable/c/b97053df0f04747c3c1e021ecbe99db675342954 - () https://git.kernel.org/stable/c/b97053df0f04747c3c1e021ecbe99db675342954 -
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: usb-audio: se corrige la desreferencia de puntero nulo en el puntero cs_desc El puntero cs_desc devuelto por snd_usb_find_clock_source podría ser nulo, por lo que existe un posible problema de desreferencia de puntero nulo. Solucione esto agregando una comprobación de nulo antes de la desreferencia.
Information

Published : 2024-04-10 19:15

Updated : 2025-01-14 14:43

NVD link : CVE-2021-47211

Mitre link : CVE-2021-47211

CVE.ORG link : CVE-2021-47211

JSON object : View

Products Affected

linux

CWE
CWE-476

NULL Pointer Dereference