CVE-2021-47270

Advisory lineage Upstream: 0 Downstream: 8
Analyzed
Published: 21 May 2024, 14:19
Last modified:11 May 2026, 13:51

Vulnerability Summary

Overall Risk (default)
low
22/100
CVSS Score
5.5 MEDIUM
v3.1 (nvd)
EPSS Score
0.01% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

21 May 2024, 14:19
Published
Vulnerability first disclosed
11 May 2026, 13:51
Last Modified
Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadgets null ptr deref on 10gbps cabling. This avoids a null pointer dereference in f_{ecm,eem,hid,loopback,printer,rndis,serial,sourcesink,subset,tcm} by simply reusing the 5gbps config for 10gbps.

CVSS Metrics

  • v3.1MEDIUMScore: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.01% Percentile: 3%

Techniques & Countermeasures

  • CWE-476NULL Pointer Dereference

    The product dereferences a pointer that it expects to be valid but is NULL.

Affected Systems

  • linuxlinux

    ≥ eaef50c760576bca70b87fdc26eb87a3660529f8, < beb1e67a5ca8d69703c776db9000527f44c0c93c | ≥ eaef50c760576bca70b87fdc26eb87a3660529f8, < 8cd5f45c1b769e3e9e0f4325dd08b6c3749dc7ee | ≥ eaef50c760576bca70b87fdc26eb87a3660529f8, < 10770d2ac0094b053c8897d96d7b2737cd72f7c5 | ≥ eaef50c760576bca70b87fdc26eb87a3660529f8, < b4903f7fdc484628d0b8022daf86e2439d3ab4db | ≥ eaef50c760576bca70b87fdc26eb87a3660529f8, < 4b289a0f3033f465b4fd51ba995251a7867a2aa2 | ≥ eaef50c760576bca70b87fdc26eb87a3660529f8, < f17aae7c4009160f0630a91842a281773976a5bc | ≥ eaef50c760576bca70b87fdc26eb87a3660529f8, < 90c4d05780d47e14a50e11a7f17373104cd47d25 | 4.6

  • linuxlinux_kernel

    ≥ 4.6, < 4.9.273 | ≥ 4.10, < 4.14.237 | ≥ 4.15, < 4.19.195 | ≥ 4.20, < 5.4.126 | ≥ 5.5, < 5.10.44 | ≥ 5.11, < 5.12.11 | 5.13:rc1 | 5.13:rc2 | 5.13:rc3 | 5.13:rc4 | 5.13:rc5

References (7)