CVE-2021-47332
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
21/05/2024
Last modified:
24/12/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
ALSA: usx2y: Don&#39;t call free_pages_exact() with NULL address<br />
<br />
Unlike some other functions, we can&#39;t pass NULL pointer to<br />
free_pages_exact(). Add a proper NULL check for avoiding possible<br />
Oops.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.4.134 (excluding) | |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.52 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.12.19 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.13 (including) | 5.13.4 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/7d7f30cf182e55023fa8fde4c084b2d37c6be69d
- https://git.kernel.org/stable/c/82e5ee742fdd8874fe996181b87fafe1eb5f1196
- https://git.kernel.org/stable/c/88262229b778f4f7a896da828d966f94dcb35d19
- https://git.kernel.org/stable/c/bee295f5e03510252d18b25cc1d26230256eb87a
- https://git.kernel.org/stable/c/cae0cf651adccee2c3f376e78f30fbd788d0829f
- https://git.kernel.org/stable/c/7d7f30cf182e55023fa8fde4c084b2d37c6be69d
- https://git.kernel.org/stable/c/82e5ee742fdd8874fe996181b87fafe1eb5f1196
- https://git.kernel.org/stable/c/88262229b778f4f7a896da828d966f94dcb35d19
- https://git.kernel.org/stable/c/bee295f5e03510252d18b25cc1d26230256eb87a
- https://git.kernel.org/stable/c/cae0cf651adccee2c3f376e78f30fbd788d0829f