5.5
CVE-2021-47409
- EPSS 0.24%
- Veröffentlicht 21.05.2024 15:15:26
- Zuletzt bearbeitet 30.12.2024 20:00:41
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
usb: dwc2: check return value after calling platform_get_resource()
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 4.14.250
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.210
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.152
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.72
Linux ≫ Linux Kernel Version >= 5.11 < 5.14.11
Linux ≫ Linux Kernel Version5.15 Updaterc1
Linux ≫ Linux Kernel Version5.15 Updaterc2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.152 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/2754fa3b73df7d0ae042f3ed6cfd9df9042f6262
https://git.kernel.org/stable/c/337f00a0bc62d7cb7d10ec0b872c79009a1641df
https://git.kernel.org/stable/c/4b7f4a0eb92bf37bea4cd838c7f83ea42823ca8b
https://git.kernel.org/stable/c/856e6e8e0f9300befa87dde09edb578555c99a82
https://git.kernel.org/stable/c/8b9c1c33e51d0959f2aec573dfbac0ffd3f5c0b7
https://git.kernel.org/stable/c/a7182993dd8e09f96839ddc3ac54f9b37370d282