Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2021-47528
HistoryMay 24, 2024 - 3:09 p.m.

CVE-2021-47528 usb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init()

2024-05-2415:09:39
Linux
www.cve.org
1
linux kernel
usb
cdnsp
null pointer
vulnerability
bug fix
static analyzer
security operations.

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

usb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init()

In cdnsp_endpoint_init(), cdnsp_ring_alloc() is assigned to pep->ring
and there is a dereference of it in cdnsp_endpoint_init(), which could
lead to a NULL pointer dereference on failure of cdnsp_ring_alloc().

Fix this bug by adding a check of pep->ring.

This bug was found by a static analyzer. The analysis employs
differential checking to identify inconsistent security operations
(e.g., checks or kfrees) between two code paths and confirms that the
inconsistent operations are not recovered in the current function or
the callers, so they constitute bugs.

Note that, as a bug found by static analysis, it can be a false
positive or hard to trigger. Multiple researchers have cross-reviewed
the bug.

Builds with CONFIG_USB_CDNSP_GADGET=y show no new warnings,
and our static analyzer no longer warns about this code.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/usb/cdns3/cdnsp-mem.c"
    ],
    "versions": [
      {
        "version": "3d82904559f4",
        "lessThan": "7d94bc8e335c",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3d82904559f4",
        "lessThan": "37307f7020ab",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/usb/cdns3/cdnsp-mem.c"
    ],
    "versions": [
      {
        "version": "5.12",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.12",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.15.7",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.16",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

vulnrichment 1
ubuntucve 1
debiancve 1
nvd 1
redhatcve 1
cve 1
nessus 2
vulnrichment
vulnrichment
CVE-2021-47528 usb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init()
2024-05-24 15:09:39
ubuntucve
ubuntucve
CVE-2021-47528
2024-05-24 00:00:00
debiancve
debiancve
CVE-2021-47528
2024-05-24 15:15:15
nvd
nvd
CVE-2021-47528
2024-05-24 15:15:15
redhatcve
redhatcve
CVE-2021-47528
2024-05-27 10:31:40
cve
cve
CVE-2021-47528
2024-05-24 15:15:15
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2008-1)
2024-06-13 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2019-1)
2024-06-14 00:00:00

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for CVELIST:CVE-2021-47528
vulnrichment1ubuntucve1debiancve1nvd1redhatcve1cve1nessus2