Bug 1220762 (CVE-2021-47050) - VUL-0: CVE-2021-47050: kernel: memory: renesas-rpc-if: fix possible NULL pointer dereference of resource
Summary: VUL-0: CVE-2021-47050: kernel: memory: renesas-rpc-if: fix possible NULL poin...
Status: RESOLVED FIXED
Alias: CVE-2021-47050
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/395497/
Whiteboard: CVSSv3.1:SUSE:CVE-2021-47050:4.4:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2024-03-01 11:08 UTC by SMASH SMASH
Modified: 2024-04-19 13:02 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description SMASH SMASH 2024-03-01 11:08:55 UTC 
In the Linux kernel, the following vulnerability has been resolved:

memory: renesas-rpc-if: fix possible NULL pointer dereference of resource

The platform_get_resource_byname() can return NULL which would be
immediately dereferenced by resource_size().  Instead dereference it
after validating the resource.

Addresses-Coverity: Dereference null return value

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-47050
https://www.cve.org/CVERecord?id=CVE-2021-47050
https://git.kernel.org/stable/c/59e27d7c94aa02da039b000d33c304c179395801
https://git.kernel.org/stable/c/71bcc1b4a1743534d8abdcb57ff912e6bc390438
https://git.kernel.org/stable/c/a74cb41af7dbe019e4096171f8bc641c7ce910ad
https://git.kernel.org/stable/c/e16acc3a37f09e18835dc5d8014942c2ef6ca957
https://bugzilla.redhat.com/show_bug.cgi?id=2266735
Comment 1 Gabriele Sonnu 2024-03-01 11:15:52 UTC 
All affected branches already contain the fix. Closing.
Comment 7 Thomas Leroy 2024-04-19 13:02:09 UTC 
All done, closing.