5.5
CVE-2021-47332
- EPSS 0.24%
- Veröffentlicht 21.05.2024 15:15:20
- Zuletzt bearbeitet 24.12.2024 16:15:56
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ALSA: usx2y: Don't call free_pages_exact() with NULL address
In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Don't call free_pages_exact() with NULL address Unlike some other functions, we can't pass NULL pointer to free_pages_exact(). Add a proper NULL check for avoiding possible Oops.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.4.134
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.52
Linux ≫ Linux Kernel Version >= 5.11 < 5.12.19
Linux ≫ Linux Kernel Version >= 5.13 < 5.13.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.146 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/7d7f30cf182e55023fa8fde4c084b2d37c6be69d
https://git.kernel.org/stable/c/82e5ee742fdd8874fe996181b87fafe1eb5f1196
https://git.kernel.org/stable/c/88262229b778f4f7a896da828d966f94dcb35d19
https://git.kernel.org/stable/c/bee295f5e03510252d18b25cc1d26230256eb87a
https://git.kernel.org/stable/c/cae0cf651adccee2c3f376e78f30fbd788d0829f