Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2021-47270 |
CWE-ID | CWE-476 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software | Linux kernel (Operating systems & Components / Operating system) |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU90484
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47270
CWE-ID: CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference within the following functions of the USB gadget function drivers:
tcm_bind() in drivers/usb/gadget/function/f_tcm.c
geth_bind() in drivers/usb/gadget/function/f_subset.c
usb_assign_descriptors() in drivers/usb/gadget/function/f_sourcesink.c
gser_bind() in drivers/usb/gadget/function/f_serial.c
rndis_bind() in drivers/usb/gadget/function/f_rndis.c
usb_assign_descriptors() in drivers/usb/gadget/function/f_printer.c
usb_assign_descriptors() in drivers/usb/gadget/function/f_loopback.c
eem_bind() in drivers/usb/gadget/function/f_eem.c
ecm_bind() in drivers/usb/gadget/function/f_ecm.c
A local user can perform a denial of service (DoS) attack.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Linux kernel: 4.9 - 5.13 rc5
CPE2.3
https://git.kernel.org/stable/c/beb1e67a5ca8d69703c776db9000527f44c0c93c
https://git.kernel.org/stable/c/8cd5f45c1b769e3e9e0f4325dd08b6c3749dc7ee
https://git.kernel.org/stable/c/10770d2ac0094b053c8897d96d7b2737cd72f7c5
https://git.kernel.org/stable/c/b4903f7fdc484628d0b8022daf86e2439d3ab4db
https://git.kernel.org/stable/c/4b289a0f3033f465b4fd51ba995251a7867a2aa2
https://git.kernel.org/stable/c/f17aae7c4009160f0630a91842a281773976a5bc
https://git.kernel.org/stable/c/90c4d05780d47e14a50e11a7f17373104cd47d25
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.237
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.195
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.273
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.44
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.11
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.126
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.