CVE-2021-47650

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-47650
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47650.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-47650
Related
Published
2025-02-26T06:37:06Z
Modified
2025-02-26T19:02:43.820971Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: soc-compress: prevent the potentially use of null pointer

There is one call trace that sndsocregistercard() ->sndsocbindcard()->socinitpcmruntime() ->sndsocdaicompressnew()->sndsocnewcompress(). In the trace the 'codecdai' transfers from card->dailink, and we can see from the sndsocaddpcmruntime() in sndsocbindcard() that, if value of card->dailink->numcodecs is 0, then 'codecdai' could be null pointer caused by index out of bound in 'asocrtdtocodec(rtd, 0)'. And sndsocregistercard() is called by various platforms. Therefore, it is better to add the check in the case of misusing. And because 'cpudai' has already checked in socinitpcmruntime(), there is no need to check again. Adding the check as follow, then if 'codecdai' is null, sndsocnewcompress() will not pass through the check 'if (playback + capture != 1)', avoiding the leftover use of 'codec_dai'.

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.113-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.17.3-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.17.3-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}