CVE-2021-47120
HID: magicmouse: fix NULL-deref on disconnect
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
HID: magicmouse: fix NULL-deref on disconnect
Commit 9d7b18668956 ("HID: magicmouse: add support for Apple Magic
Trackpad 2") added a sanity check for an Apple trackpad but returned
success instead of -ENODEV when the check failed. This means that the
remove callback will dereference the never-initialised driver data
pointer when the driver is later unbound (e.g. on USB disconnect).
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: HID: magicmouse: corrige NULL-deref al desconectarse. el commit 9d7b18668956 ("HID: magicmouse: agrega soporte para Apple Magic Trackpad 2") agregó una verificación de cordura para un trackpad de Apple pero devolvió el éxito. en lugar de -ENODEV cuando falló la verificación. Esto significa que la devolución de llamada de eliminación eliminará la referencia al puntero de datos del controlador nunca inicializado cuando el controlador se desvincule posteriormente (por ejemplo, al desconectarse el USB).
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-03-04 CVE Reserved
- 2024-03-15 CVE Published
- 2024-03-16 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/9d7b18668956c411a422d04c712994c5fdb23a4b | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.20 < 5.4.125 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.4.125" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.20 < 5.10.43 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.10.43" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.20 < 5.12.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.12.10" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.20 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.13" | en |
Affected
| ||||||