CVE-2021-47273

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-meson-g12a: fix usb2 PHY glue init when phy0 is disabled When only PHY1 is used (for example on Odroid-HC4), the regmap init code uses the usb2 ports when doesn't initialize the PHY1 regmap entry. This fixes: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020 ... pc : regmap_update_bits_base+0x40/0xa0 lr : dwc3_meson_g12a_usb2_init_phy+0x4c/0xf8 ... Call trace: regmap_update_bits_base+0x40/0xa0 dwc3_meson_g12a_usb2_init_phy+0x4c/0xf8 dwc3_meson_g12a_usb2_init+0x7c/0xc8 dwc3_meson_g12a_usb_init+0x28/0x48 dwc3_meson_g12a_probe+0x298/0x540 platform_probe+0x70/0xe0 really_probe+0xf0/0x4d8 driver_probe_device+0xfc/0x168 ...

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/4d2aa178d2ad2fb156711113790dde13e9aa2376	Patch
https://git.kernel.org/stable/c/750a0d75564293be3ed50f13ef7f38ab75106421	Patch
https://git.kernel.org/stable/c/d8dd3754e707104a34f8ec595034d503ea8871a2	Patch
https://git.kernel.org/stable/c/4d2aa178d2ad2fb156711113790dde13e9aa2376	Patch
https://git.kernel.org/stable/c/750a0d75564293be3ed50f13ef7f38ab75106421	Patch
https://git.kernel.org/stable/c/d8dd3754e707104a34f8ec595034d503ea8871a2	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc1::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc2::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc3::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc4::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc5::::::

History

26 Dec 2024, 20:48

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/4d2aa178d2ad2fb156711113790dde13e9aa2376 -~~	() https://git.kernel.org/stable/c/4d2aa178d2ad2fb156711113790dde13e9aa2376 - Patch
References	~~() https://git.kernel.org/stable/c/750a0d75564293be3ed50f13ef7f38ab75106421 -~~	() https://git.kernel.org/stable/c/750a0d75564293be3ed50f13ef7f38ab75106421 - Patch
References	~~() https://git.kernel.org/stable/c/d8dd3754e707104a34f8ec595034d503ea8871a2 -~~	() https://git.kernel.org/stable/c/d8dd3754e707104a34f8ec595034d503ea8871a2 - Patch
First Time		Linux linux Kernel Linux
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		CWE-476
CPE		cpe:2.3:o:linux:linux_kernel:5.13:rc4:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc2:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc1:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc5:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc3:::::: cpe:2.3:o:linux:linux_kernel::::::::

Information

Published : 2024-05-21 15:15

Updated : 2024-12-26 20:48

NVD link : CVE-2021-47273

Mitre link : CVE-2021-47273

CVE.ORG link : CVE-2021-47273

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10