cve-2021-47120
Vulnerability from cvelistv5
Published
2024-03-15 20:14
Modified
2024-11-04 11:59
Severity ?
EPSS score ?
Summary
HID: magicmouse: fix NULL-deref on disconnect
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47120", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-19T15:24:16.763009Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:25.270Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:24:39.876Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/368c5d45a87e1bcc7f1e98e0c255c37b7b12c5d6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b5d013c4c76b276890135b5d32803c4c63924b77" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9cf27473f21913a3eaf4702dd2a25415afd5f33f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4b4f6cecca446abcb686c6e6c451d4f1ec1a7497" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/hid/hid-magicmouse.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "368c5d45a87e", "status": "affected", "version": "9d7b18668956", "versionType": "git" }, { "lessThan": "b5d013c4c76b", "status": "affected", "version": "9d7b18668956", "versionType": "git" }, { "lessThan": "9cf27473f219", "status": "affected", "version": "9d7b18668956", "versionType": "git" }, { "lessThan": "4b4f6cecca44", "status": "affected", "version": "9d7b18668956", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/hid/hid-magicmouse.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.20" }, { "lessThan": "4.20", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.125", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.43", "versionType": "semver" }, { "lessThanOrEqual": "5.12.*", "status": "unaffected", "version": "5.12.10", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: magicmouse: fix NULL-deref on disconnect\n\nCommit 9d7b18668956 (\"HID: magicmouse: add support for Apple Magic\nTrackpad 2\") added a sanity check for an Apple trackpad but returned\nsuccess instead of -ENODEV when the check failed. This means that the\nremove callback will dereference the never-initialised driver data\npointer when the driver is later unbound (e.g. on USB disconnect)." } ], "providerMetadata": { "dateUpdated": "2024-11-04T11:59:47.716Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/368c5d45a87e1bcc7f1e98e0c255c37b7b12c5d6" }, { "url": "https://git.kernel.org/stable/c/b5d013c4c76b276890135b5d32803c4c63924b77" }, { "url": "https://git.kernel.org/stable/c/9cf27473f21913a3eaf4702dd2a25415afd5f33f" }, { "url": "https://git.kernel.org/stable/c/4b4f6cecca446abcb686c6e6c451d4f1ec1a7497" } ], "title": "HID: magicmouse: fix NULL-deref on disconnect", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47120", "datePublished": "2024-03-15T20:14:26.578Z", "dateReserved": "2024-03-04T18:12:48.838Z", "dateUpdated": "2024-11-04T11:59:47.716Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2021-47120\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-03-15T21:15:07.060\",\"lastModified\":\"2024-03-17T22:38:29.433\",\"vulnStatus\":\"Awaiting Analysis\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nHID: magicmouse: fix NULL-deref on disconnect\\n\\nCommit 9d7b18668956 (\\\"HID: magicmouse: add support for Apple Magic\\nTrackpad 2\\\") added a sanity check for an Apple trackpad but returned\\nsuccess instead of -ENODEV when the check failed. This means that the\\nremove callback will dereference the never-initialised driver data\\npointer when the driver is later unbound (e.g. on USB disconnect).\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: HID: magicmouse: corrige NULL-deref al desconectarse. el commit 9d7b18668956 (\\\"HID: magicmouse: agrega soporte para Apple Magic Trackpad 2\\\") agreg\u00f3 una verificaci\u00f3n de cordura para un trackpad de Apple pero devolvi\u00f3 el \u00e9xito. en lugar de -ENODEV cuando fall\u00f3 la verificaci\u00f3n. Esto significa que la devoluci\u00f3n de llamada de eliminaci\u00f3n eliminar\u00e1 la referencia al puntero de datos del controlador nunca inicializado cuando el controlador se desvincule posteriormente (por ejemplo, al desconectarse el USB).\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/368c5d45a87e1bcc7f1e98e0c255c37b7b12c5d6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/4b4f6cecca446abcb686c6e6c451d4f1ec1a7497\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/9cf27473f21913a3eaf4702dd2a25415afd5f33f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/b5d013c4c76b276890135b5d32803c4c63924b77\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}" } }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.