Main Vulnerability Database SB2024061372

SB2024061372 - NULL pointer dereference in Linux kernel usb dwc2 driver

Published: June 13, 2024 Updated: May 13, 2025

Security Bulletin ID SB2024061372

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2021-47409)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dwc2_hcd_init() function in drivers/usb/dwc2/hcd.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/4b7f4a0eb92bf37bea4cd838c7f83ea42823ca8b
https://git.kernel.org/stable/c/a7182993dd8e09f96839ddc3ac54f9b37370d282
https://git.kernel.org/stable/c/8b9c1c33e51d0959f2aec573dfbac0ffd3f5c0b7
https://git.kernel.org/stable/c/2754fa3b73df7d0ae042f3ed6cfd9df9042f6262
https://git.kernel.org/stable/c/337f00a0bc62d7cb7d10ec0b872c79009a1641df
https://git.kernel.org/stable/c/856e6e8e0f9300befa87dde09edb578555c99a82
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.250
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.210
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.72
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.11
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.152