5.5

CVE-2021-47270

usb: fix various gadgets null ptr deref on 10gbps cabling.

In the Linux kernel, the following vulnerability has been resolved:

usb: fix various gadgets null ptr deref on 10gbps cabling.

This avoids a null pointer dereference in
f_{ecm,eem,hid,loopback,printer,rndis,serial,sourcesink,subset,tcm}
by simply reusing the 5gbps config for 10gbps.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.6 < 4.9.273
LinuxLinux Kernel Version >= 4.10 < 4.14.237
LinuxLinux Kernel Version >= 4.15 < 4.19.195
LinuxLinux Kernel Version >= 4.20 < 5.4.126
LinuxLinux Kernel Version >= 5.5 < 5.10.44
LinuxLinux Kernel Version >= 5.11 < 5.12.11
LinuxLinux Kernel Version5.13 Updaterc1
LinuxLinux Kernel Version5.13 Updaterc2
LinuxLinux Kernel Version5.13 Updaterc3
LinuxLinux Kernel Version5.13 Updaterc4
LinuxLinux Kernel Version5.13 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.13
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/10770d2ac0094b053c8897d96d7b2737cd72f7c5
Patch
https://git.kernel.org/stable/c/4b289a0f3033f465b4fd51ba995251a7867a2aa2
Patch
https://git.kernel.org/stable/c/8cd5f45c1b769e3e9e0f4325dd08b6c3749dc7ee
Patch
https://git.kernel.org/stable/c/90c4d05780d47e14a50e11a7f17373104cd47d25
Patch
https://git.kernel.org/stable/c/b4903f7fdc484628d0b8022daf86e2439d3ab4db
Patch
https://git.kernel.org/stable/c/beb1e67a5ca8d69703c776db9000527f44c0c93c
Patch
https://git.kernel.org/stable/c/f17aae7c4009160f0630a91842a281773976a5bc
Patch