{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2021-47440","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-05-21T14:58:30.831Z","datePublished":"2024-05-22T06:19:34.890Z","dateUpdated":"2025-05-04T07:10:55.595Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T07:10:55.595Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: encx24j600: check error in devm_regmap_init_encx24j600\n\ndevm_regmap_init may return error which caused by like out of memory,\nthis will results in null pointer dereference later when reading\nor writing register:\n\ngeneral protection fault in encx24j600_spi_probe\nKASAN: null-ptr-deref in range [0x0000000000000090-0x0000000000000097]\nCPU: 0 PID: 286 Comm: spi-encx24j600- Not tainted 5.15.0-rc2-00142-g9978db750e31-dirty #11 9c53a778c1306b1b02359f3c2bbedc0222cba652\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nRIP: 0010:regcache_cache_bypass drivers/base/regmap/regcache.c:540\nCode: 54 41 89 f4 55 53 48 89 fb 48 83 ec 08 e8 26 94 a8 fe 48 8d bb a0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 4a 03 00 00 4c 8d ab b0 00 00 00 48 8b ab a0 00\nRSP: 0018:ffffc900010476b8 EFLAGS: 00010207\nRAX: dffffc0000000000 RBX: fffffffffffffff4 RCX: 0000000000000000\nRDX: 0000000000000012 RSI: ffff888002de0000 RDI: 0000000000000094\nRBP: ffff888013c9a000 R08: 0000000000000000 R09: fffffbfff3f9cc6a\nR10: ffffc900010476e8 R11: fffffbfff3f9cc69 R12: 0000000000000001\nR13: 000000000000000a R14: ffff888013c9af54 R15: ffff888013c9ad08\nFS:  00007ffa984ab580(0000) GS:ffff88801fe00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000055a6384136c8 CR3: 000000003bbe6003 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n encx24j600_spi_probe drivers/net/ethernet/microchip/encx24j600.c:459\n spi_probe drivers/spi/spi.c:397\n really_probe drivers/base/dd.c:517\n __driver_probe_device drivers/base/dd.c:751\n driver_probe_device drivers/base/dd.c:782\n __device_attach_driver drivers/base/dd.c:899\n bus_for_each_drv drivers/base/bus.c:427\n __device_attach drivers/base/dd.c:971\n bus_probe_device drivers/base/bus.c:487\n device_add drivers/base/core.c:3364\n __spi_add_device drivers/spi/spi.c:599\n spi_add_device drivers/spi/spi.c:641\n spi_new_device drivers/spi/spi.c:717\n new_device_store+0x18c/0x1f1 [spi_stub 4e02719357f1ff33f5a43d00630982840568e85e]\n dev_attr_store drivers/base/core.c:2074\n sysfs_kf_write fs/sysfs/file.c:139\n kernfs_fop_write_iter fs/kernfs/file.c:300\n new_sync_write fs/read_write.c:508 (discriminator 4)\n vfs_write fs/read_write.c:594\n ksys_write fs/read_write.c:648\n do_syscall_64 arch/x86/entry/common.c:50\n entry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:113\n\nAdd error check in devm_regmap_init_encx24j600 to avoid this situation."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/ethernet/microchip/encx24j600-regmap.c","drivers/net/ethernet/microchip/encx24j600.c","drivers/net/ethernet/microchip/encx24j600_hw.h"],"versions":[{"version":"04fbfce7a222327b97ca165294ef19f0faa45960","lessThan":"66358471fa75a713fd76bc8a4bd74cb14cd50a4f","status":"affected","versionType":"git"},{"version":"04fbfce7a222327b97ca165294ef19f0faa45960","lessThan":"f043fac1133a6c5ef960a8422c0f6dd711dee462","status":"affected","versionType":"git"},{"version":"04fbfce7a222327b97ca165294ef19f0faa45960","lessThan":"fddc7f678d7fb93caa0d7bc512f968ff1e2bddbc","status":"affected","versionType":"git"},{"version":"04fbfce7a222327b97ca165294ef19f0faa45960","lessThan":"5e5494e6fc8a29c927e0478bec4a078a40da8901","status":"affected","versionType":"git"},{"version":"04fbfce7a222327b97ca165294ef19f0faa45960","lessThan":"4c2eb80fc90b05559ce6ed1b8dfb2348420b5644","status":"affected","versionType":"git"},{"version":"04fbfce7a222327b97ca165294ef19f0faa45960","lessThan":"e19c10d6e07c59c96e90fe053a72683ad8b0397e","status":"affected","versionType":"git"},{"version":"04fbfce7a222327b97ca165294ef19f0faa45960","lessThan":"322c0e53496309e634d9db7349678eaad1d25b55","status":"affected","versionType":"git"},{"version":"04fbfce7a222327b97ca165294ef19f0faa45960","lessThan":"f03dca0c9e2297c84a018e306f8a9cd534ee4287","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/ethernet/microchip/encx24j600-regmap.c","drivers/net/ethernet/microchip/encx24j600.c","drivers/net/ethernet/microchip/encx24j600_hw.h"],"versions":[{"version":"4.4","status":"affected"},{"version":"0","lessThan":"4.4","status":"unaffected","versionType":"semver"},{"version":"4.4.290","lessThanOrEqual":"4.4.*","status":"unaffected","versionType":"semver"},{"version":"4.9.288","lessThanOrEqual":"4.9.*","status":"unaffected","versionType":"semver"},{"version":"4.14.252","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.213","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.155","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.75","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.14.14","lessThanOrEqual":"5.14.*","status":"unaffected","versionType":"semver"},{"version":"5.15","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"4.4.290"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"4.9.288"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"4.14.252"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"4.19.213"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"5.4.155"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"5.10.75"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"5.14.14"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"5.15"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/66358471fa75a713fd76bc8a4bd74cb14cd50a4f"},{"url":"https://git.kernel.org/stable/c/f043fac1133a6c5ef960a8422c0f6dd711dee462"},{"url":"https://git.kernel.org/stable/c/fddc7f678d7fb93caa0d7bc512f968ff1e2bddbc"},{"url":"https://git.kernel.org/stable/c/5e5494e6fc8a29c927e0478bec4a078a40da8901"},{"url":"https://git.kernel.org/stable/c/4c2eb80fc90b05559ce6ed1b8dfb2348420b5644"},{"url":"https://git.kernel.org/stable/c/e19c10d6e07c59c96e90fe053a72683ad8b0397e"},{"url":"https://git.kernel.org/stable/c/322c0e53496309e634d9db7349678eaad1d25b55"},{"url":"https://git.kernel.org/stable/c/f03dca0c9e2297c84a018e306f8a9cd534ee4287"}],"title":"net: encx24j600: check error in devm_regmap_init_encx24j600","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-476","lang":"en","description":"CWE-476 NULL Pointer Dereference"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":2.3,"attackVector":"LOCAL","baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"LOW","privilegesRequired":"HIGH","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-05-22T20:20:31.324423Z","id":"CVE-2021-47440","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-11-01T16:30:42.379Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T05:39:58.978Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/66358471fa75a713fd76bc8a4bd74cb14cd50a4f","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/f043fac1133a6c5ef960a8422c0f6dd711dee462","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/fddc7f678d7fb93caa0d7bc512f968ff1e2bddbc","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/5e5494e6fc8a29c927e0478bec4a078a40da8901","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/4c2eb80fc90b05559ce6ed1b8dfb2348420b5644","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/e19c10d6e07c59c96e90fe053a72683ad8b0397e","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/322c0e53496309e634d9db7349678eaad1d25b55","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/f03dca0c9e2297c84a018e306f8a9cd534ee4287","tags":["x_transferred"]}]}]}}