CVE-2021-47211

MEDIUM EPSS 13.0%
Published Apr 10, 20242y ago · Modified Jun 19, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Apr 10, 2024 2y ago
Last Modified Jun 19, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fix null pointer dereference on pointer cs_desc The pointer cs_desc return from snd_usb_find_clock_source could be null, so there is a potential null pointer dereference issue. Fix this by adding a null check before dereference.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
13.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 1

VendorProductVersionRange
linuxlinux_kernel* <5.15.5

References 3

  • git.kernel.org https://git.kernel.org/stable/c/3455984b16eeb6914caf8b59498ef24fcc1f0a78
  • git.kernel.org https://git.kernel.org/stable/c/58fa50de595f152900594c28ec9915c169643739
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b97053df0f04747c3c1e021ecbe99db675342954
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/58fa50de595f152900594c28ec9915c169643739
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b97053df0f04747c3c1e021ecbe99db675342954
    Patch