{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2021-47202","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-03-25T09:12:14.117Z","datePublished":"2024-04-10T18:56:36.408Z","dateUpdated":"2025-12-18T11:36:02.569Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-12-18T11:36:02.569Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: Fix NULL pointer dereferences in of_thermal_ functions\n\nof_parse_thermal_zones() parses the thermal-zones node and registers a\nthermal_zone device for each subnode. However, if a thermal zone is\nconsuming a thermal sensor and that thermal sensor device hasn't probed\nyet, an attempt to set trip_point_*_temp for that thermal zone device\ncan cause a NULL pointer dereference. Fix it.\n\n console:/sys/class/thermal/thermal_zone87 # echo 120000 > trip_point_0_temp\n ...\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ...\n Call trace:\n  of_thermal_set_trip_temp+0x40/0xc4\n  trip_point_temp_store+0xc0/0x1dc\n  dev_attr_store+0x38/0x88\n  sysfs_kf_write+0x64/0xc0\n  kernfs_fop_write_iter+0x108/0x1d0\n  vfs_write+0x2f4/0x368\n  ksys_write+0x7c/0xec\n  __arm64_sys_write+0x20/0x30\n  el0_svc_common.llvm.7279915941325364641+0xbc/0x1bc\n  do_el0_svc+0x28/0xa0\n  el0_svc+0x14/0x24\n  el0_sync_handler+0x88/0xec\n  el0_sync+0x1c0/0x200\n\nWhile at it, fix the possible NULL pointer dereference in other\nfunctions as well: of_thermal_get_temp(), of_thermal_set_emul_temp(),\nof_thermal_get_trend()."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/thermal/thermal_of.c"],"versions":[{"version":"2251aef64a38db60f4ae7a4a83f9203c6791f196","lessThan":"828f4c31684da94ecf0b44a2cbd35bbede04f0bd","status":"affected","versionType":"git"},{"version":"2251aef64a38db60f4ae7a4a83f9203c6791f196","lessThan":"6a315471cb6a07f651e1d3adc8962730f4fcccac","status":"affected","versionType":"git"},{"version":"2251aef64a38db60f4ae7a4a83f9203c6791f196","lessThan":"0750f769b95841b34a9fe8c418dd792ff526bf86","status":"affected","versionType":"git"},{"version":"2251aef64a38db60f4ae7a4a83f9203c6791f196","lessThan":"ef2590a5305e0b8e9342f84c2214aa478ee7f28e","status":"affected","versionType":"git"},{"version":"2251aef64a38db60f4ae7a4a83f9203c6791f196","lessThan":"96cfe05051fd8543cdedd6807ec59a0e6c409195","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/thermal/thermal_of.c"],"versions":[{"version":"3.19","status":"affected"},{"version":"0","lessThan":"3.19","status":"unaffected","versionType":"semver"},{"version":"5.4.210","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.81","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.14.21","lessThanOrEqual":"5.14.*","status":"unaffected","versionType":"semver"},{"version":"5.15.4","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.16","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.19","versionEndExcluding":"5.4.210"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.19","versionEndExcluding":"5.10.81"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.19","versionEndExcluding":"5.14.21"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.19","versionEndExcluding":"5.15.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.19","versionEndExcluding":"5.16"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/828f4c31684da94ecf0b44a2cbd35bbede04f0bd"},{"url":"https://git.kernel.org/stable/c/6a315471cb6a07f651e1d3adc8962730f4fcccac"},{"url":"https://git.kernel.org/stable/c/0750f769b95841b34a9fe8c418dd792ff526bf86"},{"url":"https://git.kernel.org/stable/c/ef2590a5305e0b8e9342f84c2214aa478ee7f28e"},{"url":"https://git.kernel.org/stable/c/96cfe05051fd8543cdedd6807ec59a0e6c409195"}],"title":"thermal: Fix NULL pointer dereferences in of_thermal_ functions","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T05:32:07.362Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/828f4c31684da94ecf0b44a2cbd35bbede04f0bd","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/6a315471cb6a07f651e1d3adc8962730f4fcccac","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/0750f769b95841b34a9fe8c418dd792ff526bf86","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/ef2590a5305e0b8e9342f84c2214aa478ee7f28e","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/96cfe05051fd8543cdedd6807ec59a0e6c409195","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2021-47202","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T15:49:58.504831Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-11T17:33:37.039Z"}}]}}