Bug 1224850 (CVE-2021-47233)

Summary:	VUL-0: CVE-2021-47233: kernel: regulator: rt4801: Fix NULL pointer dereference if priv->enable_gpios is NULL
Product:	[Novell Products] SUSE Security Incidents	Reporter:	SMASH SMASH <smash_bz>
Component:	Incidents	Assignee:	Security Team bot <security-team>
Status:	RESOLVED FIXED	QA Contact:	Security Team bot <security-team>
Severity:	Normal
Priority:	P3 - Medium	CC:	gabriele.sonnu, mhocko, tiwai
Version:	unspecified
Target Milestone:	---
Hardware:	Other
OS:	Other
URL:	https://smash.suse.de/issue/406860/
Whiteboard:	CVSSv3.1:SUSE:CVE-2021-47233:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Found By:	Security Response Team	Services Priority:
Business Priority:		Blocker:	---
Marketing QA Status:	---	IT Deployment:	---

Description SMASH SMASH 2024-05-22 08:10:04 UTC

In the Linux kernel, the following vulnerability has been resolved:

regulator: rt4801: Fix NULL pointer dereference if priv->enable_gpios is NULL

devm_gpiod_get_array_optional may return NULL if no GPIO was assigned.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-47233
https://www.cve.org/CVERecord?id=CVE-2021-47233
https://git.kernel.org/stable/c/ba8a26a7ce8617f9f3d6230de34b2302df086b41
https://git.kernel.org/stable/c/cb2381cbecb81a8893b2d1e1af29bc2e5531df27
https://git.kernel.org/stable/c/dc68f0c9e4a001e02376fe87f4bdcacadb27e8a1
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2021/CVE-2021-47233.mbox

Comment 2 Michal Hocko 2024-05-23 17:56:14 UTC

nothing to be done

Comment 3 Gabriele Sonnu 2024-06-10 12:43:14 UTC

All done, closing.