5.5
CVE-2021-47134
- EPSS 0.23%
- Veröffentlicht 15.03.2024 21:15:07
- Zuletzt bearbeitet 27.02.2025 03:20:09
- CVE-Watchlists
- Unerledigt
efi/fdt: fix panic when no valid fdt found
In the Linux kernel, the following vulnerability has been resolved: efi/fdt: fix panic when no valid fdt found setup_arch() would invoke efi_init()->efi_get_fdt_params(). If no valid fdt found then initial_boot_params will be null. So we should stop further fdt processing here. I encountered this issue on risc-v.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.10 < 5.10.43
Linux ≫ Linux Kernel Version >= 5.11 < 5.12.10
Linux ≫ Linux Kernel Version5.13 Updaterc1
Linux ≫ Linux Kernel Version5.13 Updaterc2
Linux ≫ Linux Kernel Version5.13 Updaterc3
Linux ≫ Linux Kernel Version5.13 Updaterc4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.138 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/5148066edbdc89c6fe5bc419c31a5c22e5f83bdb
https://git.kernel.org/stable/c/668a84c1bfb2b3fd5a10847825a854d63fac7baa
https://git.kernel.org/stable/c/8a7e8b4e5631a03ea2fee27957857a56612108ca