vulnerability

Ubuntu: (Multiple Advisories) (CVE-2021-47385): Linux kernel vulnerabilities

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
May 21, 2024
Added
Nov 19, 2024
Modified
Dec 8, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field

If driver read val value sufficient for
(val & 0x08) && (!(val & 0x80)) && ((val & 0x7) == ((val >> 4) & 0x7))
from device then Null pointer dereference occurs.
(It is possible if tmp = 0b0xyz1xyz, where same literals mean same numbers)
Also lm75[] does not serve a purpose anymore after switching to
devm_i2c_new_dummy_device() in w83791d_detect_subclients().

The patch fixes possible NULL pointer dereference by removing lm75[].

Found by Linux Driver Verification project (linuxtesting.org).

[groeck: Dropped unnecessary continuation lines, fixed multipline alignment]

Solutions

ubuntu-upgrade-linux-image-4-15-0-1142-fipsubuntu-upgrade-linux-image-4-15-0-1149-oracleubuntu-upgrade-linux-image-4-15-0-1169-kvmubuntu-upgrade-linux-image-4-15-0-1180-gcpubuntu-upgrade-linux-image-4-15-0-1187-awsubuntu-upgrade-linux-image-4-15-0-2088-gcp-fipsubuntu-upgrade-linux-image-4-15-0-2125-aws-fipsubuntu-upgrade-linux-image-4-15-0-245-genericubuntu-upgrade-linux-image-4-15-0-245-lowlatencyubuntu-upgrade-linux-image-aws-4-15ubuntu-upgrade-linux-image-aws-fipsubuntu-upgrade-linux-image-aws-fips-4-15ubuntu-upgrade-linux-image-aws-hweubuntu-upgrade-linux-image-aws-lts-18-04ubuntu-upgrade-linux-image-fipsubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-4-15ubuntu-upgrade-linux-image-gcp-fipsubuntu-upgrade-linux-image-gcp-fips-4-15ubuntu-upgrade-linux-image-gcp-lts-18-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-hwe-16-04ubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-hwe-16-04ubuntu-upgrade-linux-image-oemubuntu-upgrade-linux-image-oracle-4-15ubuntu-upgrade-linux-image-oracle-lts-18-04ubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-16-04

References

    Title
    NEW

    Explore Exposure Command

    Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

    Try it today