CVE-2021-47652

video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe()

Time Line

Published

2024-03-19

Updated

2024-03-19

Firt exploit

2024-03-19

Overview

Descriptions (1)

MITRE

CWE (0)

CAPEC (-)

Risk

CVSS Score

SSVC

KEV

EPSS

Affected Products (-)

Vendors (1)

linux

Products (1)

linux_kernel

Versions (9)

>= 3.2 < 4.9.311, >= 3.2 < 4.14.276, >= 3.2 < 4.19.238, >= 3.2 < 5.4.189, >= 3.2 < 5.10.110, >= 3.2 < 5.15.33, >= 3.2 < 5.16.19, >= 3.2 < 5.17.2, >= 3.2 < 5.18

Intel Resources (-)

Advisories (-)

Exploits (-)

Plugins (-)

References (10)

General (1)

kernel

Exploits & POcs (-)

Patches (9)

kernel

Advisories (-)

Summary

Descriptions

MITRE

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() I got a null-ptr-deref report: BUG: kernel NULL pointer dereference, address: 0000000000000000
...
RIP: 0010:fb_destroy_modelist+0x38/0x100
...
Call Trace: ufx_usb_probe.cold+0x2b5/0xac1 [smscufx] usb_probe_interface+0x1aa/0x3c0 [usbcore] really_probe+0x167/0x460
... ret_from_fork+0x1f/0x30 If fb_alloc_cmap() fails in ufx_usb_probe(), fb_destroy_modelist() will
be called to destroy modelist in the error handling path. But modelist
has not been initialized yet, so it will result in null-ptr-deref. Initialize modelist before calling fb_alloc_cmap() to fix this bug.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-02-26 CVE Reserved
2025-02-26 CVE Published
2025-02-26 CVE Updated
---------- EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

Threat Intelligence Resources (0)

Advisories (0)
Exploits (0)

Security Advisory details:

Select an advisory to view details here.

Select	Title	Date

Select an exploit to view details here.

References (10)

URL	Tag	Source
https://git.kernel.org/stable/c/3c8a63e22a0802fd56380f6ab305b419f18eb6f5	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/d1b6a1f0c23b7164250479bf92e2893291dca539	2022-04-20
https://git.kernel.org/stable/c/0fd28daec73525382e5c992db8743bf76e42cd5c	2022-04-20
https://git.kernel.org/stable/c/dd3a6cc7385b89ec2303f39dfc3bafa4e24cec4b	2022-04-15
https://git.kernel.org/stable/c/da8b269cc0a2526ebeaccbe2484c999eb0f822cf	2022-04-15
https://git.kernel.org/stable/c/64ec3e678d76419f207b9cdd338dda438ca10b1c	2022-04-08
https://git.kernel.org/stable/c/c420b540db4b5d69de0a36d8b9d9a6a79a04f05a	2022-04-08
https://git.kernel.org/stable/c/d396c651e2b508b6179bb678cc029f3becbf5170	2022-04-08
https://git.kernel.org/stable/c/9280ef235b05e8f19f8bc6d547b992f0a0ef398d	2022-04-08
https://git.kernel.org/stable/c/1791f487f877a9e83d81c8677bd3e7b259e7cb27	2022-01-29

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 4.9.311 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 4.9.311"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 4.14.276 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 4.14.276"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 4.19.238 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 4.19.238"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 5.4.189 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 5.4.189"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 5.10.110 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 5.10.110"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 5.15.33 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 5.15.33"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 5.16.19 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 5.16.19"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 5.17.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 5.17.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 5.18 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 5.18"		en		Affected

CVE-2021-47652

video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe()

Severity Score

Exploit Likelihood

Affected Versions

Public Exploits

Exploited in Wild

Decision

Summary

Descriptions

CVSS Scores

SSVC

Timeline

CWE

CAPEC

Threat Intelligence Resources (0)

References (10)

Affected Vendors, Products, and Versions