CVE-2021-47652
Published: Feb 26, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() I got a null-ptr-deref report: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... RIP: 0010:fb_destroy_modelist+0x38/0x100 ... Call Trace: ufx_usb_probe.cold+0x2b5/0xac1 [smscufx] usb_probe_interface+0x1aa/0x3c0 [usbcore] really_probe+0x167/0x460 ... ret_from_fork+0x1f/0x30 If fb_alloc_cmap() fails in ufx_usb_probe(), fb_destroy_modelist() will be called to destroy modelist in the error handling path. But modelist has not been initialized yet, so it will result in null-ptr-deref. Initialize modelist before calling fb_alloc_cmap() to fix this bug.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - < d1b6a1f0c23b7164250479bf92e2893291dca539affected 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - < 0fd28daec73525382e5c992db8743bf76e42cd5caffected 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - < dd3a6cc7385b89ec2303f39dfc3bafa4e24cec4baffected 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - < da8b269cc0a2526ebeaccbe2484c999eb0f822cfaffected 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - < 64ec3e678d76419f207b9cdd338dda438ca10b1c+4 more versions |
Linux | Linux | affected 3.2unaffected 0 - < 3.2unaffected 4.9.311 - <= 4.9.*unaffected 4.14.276 - <= 4.14.*unaffected 4.19.238 - <= 4.19.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now