In the Linux kernel, the following vulnerability has been resolved:
ACPI: fix NULL pointer dereference
Commit 71f642833284 ("ACPI: utils: Fix reference counting in
for_each_acpi_dev_match()") started doing "acpi_dev_put()" on a pointer
that was possibly NULL. That fails miserably, because that helper
inline function is not set up to handle that case.
Just make acpi_dev_put() silently accept a NULL pointer, rather than
calling down to put_device() with an invalid offset off that NULL
pointer.
Metrics
Affected Vendors & Products
References
History
Wed, 11 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 11 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-05-21T14:35:14.740Z
Updated: 2024-09-11T17:33:10.100Z
Reserved: 2024-05-21T13:27:52.129Z
Link: CVE-2021-47289
Vulnrichment
Updated: 2024-08-04T05:32:08.069Z
NVD
Status : Awaiting Analysis
Published: 2024-05-21T15:15:16.950
Modified: 2024-05-21T16:54:26.047
Link: CVE-2021-47289
Redhat