CVE-2021-47289

May 21, 2024, 4:54 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 ("ACPI: utils: Fix reference counting in for_each_acpi_dev_match()") started doing "acpi_dev_put()" on a pointer that was possibly NULL. That fails miserably, because that helper inline function is not set up to handle that case. Just make acpi_dev_put() silently accept a NULL pointer, rather than calling down to put_device() with an invalid offset off that NULL pointer.

Product(s) Impacted

Product Versions
Linux kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/38f54217b423c0101d03a00feec6fb8ec608b12e
https://git.kernel.org/stable/c/cae3fa3d8165761f3000f523b11cfa1cd35206bc
https://git.kernel.org/stable/c/ccf23a0888077a25a0793a746c3941db2a7562e4
https://git.kernel.org/stable/c/fc68f42aa737dc15e7665a4101d4168aadb8e4c4

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-05-21
CVE-2021-47289

Timeline

Published: May 21, 2024, 3:15 p.m.
Last Modified: May 21, 2024, 4:54 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.