5.5

CVE-2021-47502

EPSS 0.02%
Published 24.05.2024 15:15:10
Last modified 29.09.2025 16:32:44
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

ASoC: codecs: wcd934x: handle channel mappping list correctly

Currently each channel is added as list to dai channel list, however
there is danger of adding same channel to multiple dai channel list
which endups corrupting the other list where its already added.

This patch ensures that the channel is actually free before adding to
the dai channel list and also ensures that the channel is on the list
before deleting it.

This check was missing previously, and we did not hit this issue as
we were testing very simple usecases with sequence of amixer commands.

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.6 < 5.10.85

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.8

Linux ≫ Linux Kernel Version5.16 Updaterc1

Linux ≫ Linux Kernel Version5.16 Updaterc2

Linux ≫ Linux Kernel Version5.16 Updaterc3

Linux ≫ Linux Kernel Version5.16 Updaterc4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.031

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

https://git.kernel.org/stable/c/1089dac26c6b4b833323ae6c0ceab29fb30ede72

Patch

https://git.kernel.org/stable/c/23ba28616d3063bd4c4953598ed5e439ca891101

Patch

https://git.kernel.org/stable/c/339ffb5b56005582aacc860524d2d208604049d1

Patch

https://nvd.nist.gov/vuln/detail/CVE-2021-47502

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-47502

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-47502

EUVD