4

CVE-2021-47096

EPSS 0.01%
Published 04.03.2024 18:15:07
Last modified 08.04.2025 15:03:08
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

ALSA: rawmidi - fix the uninitalized user_pversion

The user_pversion was uninitialized for the user space file structure
in the open function, because the file private structure use
kmalloc for the allocation.

The kernel ALSA sequencer code clears the file structure, so no additional
fixes are required.

BugLink: https://github.com/alsa-project/alsa-lib/issues/178

Affected products Warnungen 0 Metrics 2 CWE 1 References 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.15 < 5.15.12

Linux ≫ Linux Kernel Version5.16 Updaterc1

Linux ≫ Linux Kernel Version5.16 Updaterc2

Linux ≫ Linux Kernel Version5.16 Updaterc3

Linux ≫ Linux Kernel Version5.16 Updaterc4

Linux ≫ Linux Kernel Version5.16 Updaterc5

Linux ≫ Linux Kernel Version5.16 Updaterc6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.015

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
134c704f-9b21-4f2e-91b3-4a467353bcc0	4	2.5	1.4	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

https://git.kernel.org/stable/c/39a8fc4971a00d22536aeb7d446ee4a97810611b

Patch

https://git.kernel.org/stable/c/b398fcbe4de1e1100867fdb6f447c6fbc8fe7085

Patch

https://nvd.nist.gov/vuln/detail/CVE-2021-47096

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-47096

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-47096

EUVD