CVE-2021-47631

In the Linux kernel, the following vulnerability has been resolved: ARM: davinci: da850-evm: Avoid NULL pointer dereference With newer versions of GCC, there is a panic in da850_evm_config_emac() when booting multi_v5_defconfig in QEMU under the palmetto-bmc machine: Unable to handle kernel NULL pointer dereference at virtual address 00000020 pgd = (ptrval) [00000020] *pgd=00000000 Internal error: Oops: 5 [#1] PREEMPT ARM Modules linked in: CPU: 0 PID: 1 Comm: swapper Not tainted 5.15.0 #1 Hardware name: Generic DT based system PC is at da850_evm_config_emac+0x1c/0x120 LR is at do_one_initcall+0x50/0x1e0 The emac_pdata pointer in soc_info is NULL because davinci_soc_info only gets populated on davinci machines but da850_evm_config_emac() is called on all machines via device_initcall(). Move the rmii_en assignment below the machine check so that it is only dereferenced when running on a supported SoC.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/0940795c6834fbe7705acc5c3d4b2f7a5f67527a	Patch
https://git.kernel.org/stable/c/0a312ec66a03133d28570f07bc52749ccfef54da	Patch
https://git.kernel.org/stable/c/83a1cde5c74bfb44b49cb2a940d044bb2380f4ea	Patch
https://git.kernel.org/stable/c/89931d4762572aaee6edbe5673d41f8082de110f	Patch
https://git.kernel.org/stable/c/a12b356d45cbb6e8a1b718d1436b3d6239a862f3	Patch
https://git.kernel.org/stable/c/c06f476e5b74bcabb8c4a2fba55864a37e62843b	Patch
https://git.kernel.org/stable/c/c5628533a3ece64235d04fe11ec44d2be99e423d	Patch
https://git.kernel.org/stable/c/c64e2ed5cc376e137e572babfd2edc38b2cfb61b	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:5.18:rc1::::::
	cpe:2.3:o:linux:linux_kernel:5.18:rc2::::::

History

18 Mar 2025, 19:35

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Linux linux Kernel Linux
References	~~() https://git.kernel.org/stable/c/0940795c6834fbe7705acc5c3d4b2f7a5f67527a -~~	() https://git.kernel.org/stable/c/0940795c6834fbe7705acc5c3d4b2f7a5f67527a - Patch
References	~~() https://git.kernel.org/stable/c/0a312ec66a03133d28570f07bc52749ccfef54da -~~	() https://git.kernel.org/stable/c/0a312ec66a03133d28570f07bc52749ccfef54da - Patch
References	~~() https://git.kernel.org/stable/c/83a1cde5c74bfb44b49cb2a940d044bb2380f4ea -~~	() https://git.kernel.org/stable/c/83a1cde5c74bfb44b49cb2a940d044bb2380f4ea - Patch
References	~~() https://git.kernel.org/stable/c/89931d4762572aaee6edbe5673d41f8082de110f -~~	() https://git.kernel.org/stable/c/89931d4762572aaee6edbe5673d41f8082de110f - Patch
References	~~() https://git.kernel.org/stable/c/a12b356d45cbb6e8a1b718d1436b3d6239a862f3 -~~	() https://git.kernel.org/stable/c/a12b356d45cbb6e8a1b718d1436b3d6239a862f3 - Patch
References	~~() https://git.kernel.org/stable/c/c06f476e5b74bcabb8c4a2fba55864a37e62843b -~~	() https://git.kernel.org/stable/c/c06f476e5b74bcabb8c4a2fba55864a37e62843b - Patch
References	~~() https://git.kernel.org/stable/c/c5628533a3ece64235d04fe11ec44d2be99e423d -~~	() https://git.kernel.org/stable/c/c5628533a3ece64235d04fe11ec44d2be99e423d - Patch
References	~~() https://git.kernel.org/stable/c/c64e2ed5cc376e137e572babfd2edc38b2cfb61b -~~	() https://git.kernel.org/stable/c/c64e2ed5cc376e137e572babfd2edc38b2cfb61b - Patch
CWE		CWE-476
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ARM: davinci: da850-evm: Evitar la desreferencia de puntero NULL Con versiones más nuevas de GCC, hay un pánico en da850_evm_config_emac() al iniciar multi_v5_defconfig en QEMU bajo la máquina palmetto-bmc: No se puede manejar la desreferencia de puntero NULL del kernel en la dirección virtual 00000020 pgd = (ptrval) [00000020] *pgd=00000000 Error interno: Oops: 5 [#1] PREEMPT Módulos ARM vinculados: CPU: 0 PID: 1 Comm: swapper No contaminado 5.15.0 #1 Nombre del hardware: Sistema genérico basado en DT La PC está en da850_evm_config_emac+0x1c/0x120 LR está en El puntero emac_pdata en soc_info es NULL porque davinci_soc_info solo se completa en máquinas davinci, pero se llama a da850_evm_config_emac() en todas las máquinas a través de device_initcall(). Mueva la asignación rmii_en debajo de la verificación de la máquina para que solo se desreferencia cuando se ejecuta en un SoC compatible.
CPE		cpe:2.3:o:linux:linux_kernel:5.18:rc2:::::: cpe:2.3:o:linux:linux_kernel:5.18:rc1:::::: cpe:2.3:o:linux:linux_kernel::::::::

26 Feb 2025, 06:37

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-26 06:37

Updated : 2025-03-18 19:35

NVD link : CVE-2021-47631

Mitre link : CVE-2021-47631

CVE.ORG link : CVE-2021-47631

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10