5.5

CVE-2021-47409

usb: dwc2: check return value after calling platform_get_resource()

In the Linux kernel, the following vulnerability has been resolved:

usb: dwc2: check return value after calling platform_get_resource()

It will cause null-ptr-deref if platform_get_resource() returns NULL,
we need check the return value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.14.250
LinuxLinux Kernel Version >= 4.15 < 4.19.210
LinuxLinux Kernel Version >= 4.20 < 5.4.152
LinuxLinux Kernel Version >= 5.5 < 5.10.72
LinuxLinux Kernel Version >= 5.11 < 5.14.11
LinuxLinux Kernel Version5.15 Updaterc1
LinuxLinux Kernel Version5.15 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.152
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/2754fa3b73df7d0ae042f3ed6cfd9df9042f6262
Patch
https://git.kernel.org/stable/c/337f00a0bc62d7cb7d10ec0b872c79009a1641df
Patch
https://git.kernel.org/stable/c/4b7f4a0eb92bf37bea4cd838c7f83ea42823ca8b
Patch
https://git.kernel.org/stable/c/856e6e8e0f9300befa87dde09edb578555c99a82
Patch
https://git.kernel.org/stable/c/8b9c1c33e51d0959f2aec573dfbac0ffd3f5c0b7
Patch
https://git.kernel.org/stable/c/a7182993dd8e09f96839ddc3ac54f9b37370d282
Patch