CVE-2021-47050

memory: renesas-rpc-if: fix possible NULL pointer dereference of resource

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: memory: renesas-rpc-if: fix possible NULL pointer dereference of resource The platform_get_resource_byname() can return NULL which would be
immediately dereferenced by resource_size(). Instead dereference it
after validating the resource. Addresses-Coverity: Dereference null return value

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: memoria: renesas-rpc-if: corrige posible desreferencia del puntero NULL del recurso Platform_get_resource_byname() puede devolver NULL, que sería inmediatamente desreferenciado por Resource_size(). En su lugar, elimine la referencia después de validar el recurso. Direcciones-Cobertura: Desreferencia valor de retorno nulo

In the Linux kernel, the following vulnerability has been resolved: memory: renesas-rpc-if: fix possible NULL pointer dereference of resource The platform_get_resource_byname() can return NULL which would be immediately dereferenced by resource_size(). Instead dereference it after validating the resource. Addresses-Coverity: Dereference null return value

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-27 CVE Reserved
2024-02-28 CVE Published
2024-12-17 EPSS Updated
2024-12-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/ca7d8b980b67f133317525c4273e144116ee1ae5	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/71bcc1b4a1743534d8abdcb57ff912e6bc390438	2021-05-14
https://git.kernel.org/stable/c/e16acc3a37f09e18835dc5d8014942c2ef6ca957	2021-05-14
https://git.kernel.org/stable/c/a74cb41af7dbe019e4096171f8bc641c7ce910ad	2021-05-14
https://git.kernel.org/stable/c/59e27d7c94aa02da039b000d33c304c179395801	2021-04-13

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.9 < 5.10.37 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 5.10.37"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.9 < 5.11.21 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 5.11.21"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.9 < 5.12.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 5.12.4"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.9 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 5.13"		en		Affected