CVE-2021-47631

Advisory lineage Upstream: 0 Downstream: 8

Downstream

DEBIAN-CVE-2021-47631 SUSE-SU-2025:1027-1 SUSE-SU-2025:1176-1 SUSE-SU-2025:1183-1 SUSE-SU-2025:1194-1 SUSE-SU-2025:1241-1

Modified

Published: 26 Feb 2025, 01:54

Last modified:11 May 2026, 13:58

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

v3.1 (cve.org)

EPSS Score

0.01% LOW

0% probability -0.02%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

26 Feb 2025, 01:54

Published

Vulnerability first disclosed

11 May 2026, 13:58

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: ARM: davinci: da850-evm: Avoid NULL pointer dereference With newer versions of GCC, there is a panic in da850_evm_config_emac() when booting multi_v5_defconfig in QEMU under the palmetto-bmc machine: Unable to handle kernel NULL pointer dereference at virtual address 00000020 pgd = (ptrval) [00000020] *pgd=00000000 Internal error: Oops: 5 [#1] PREEMPT ARM Modules linked in: CPU: 0 PID: 1 Comm: swapper Not tainted 5.15.0 #1 Hardware name: Generic DT based system PC is at da850_evm_config_emac+0x1c/0x120 LR is at do_one_initcall+0x50/0x1e0 The emac_pdata pointer in soc_info is NULL because davinci_soc_info only gets populated on davinci machines but da850_evm_config_emac() is called on all machines via device_initcall(). Move the rmii_en assignment below the machine check so that it is only dereferenced when running on a supported SoC.

CVSS Metrics

v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.01%• Percentile: 3%

Techniques & Countermeasures

CWE-476•NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.

Affected Systems

linux•linux
≥ bae105879f2f2404155da6f50b3636193d228a62, < c06f476e5b74bcabb8c4a2fba55864a37e62843b | ≥ bae105879f2f2404155da6f50b3636193d228a62, < a12b356d45cbb6e8a1b718d1436b3d6239a862f3 | ≥ bae105879f2f2404155da6f50b3636193d228a62, < c64e2ed5cc376e137e572babfd2edc38b2cfb61b | ≥ bae105879f2f2404155da6f50b3636193d228a62, < 89931d4762572aaee6edbe5673d41f8082de110f | ≥ bae105879f2f2404155da6f50b3636193d228a62, < 0a312ec66a03133d28570f07bc52749ccfef54da | ≥ bae105879f2f2404155da6f50b3636193d228a62, < 0940795c6834fbe7705acc5c3d4b2f7a5f67527a | ≥ bae105879f2f2404155da6f50b3636193d228a62, < c5628533a3ece64235d04fe11ec44d2be99e423d | ≥ bae105879f2f2404155da6f50b3636193d228a62, < 83a1cde5c74bfb44b49cb2a940d044bb2380f4ea | 2.6.33
linux•linux_kernel
≥ 2.6.33, < 4.9.311 | ≥ 4.10, < 4.14.276 | ≥ 4.15, < 4.19.239 | ≥ 4.20, < 5.4.190 | ≥ 5.5, < 5.10.112 | ≥ 5.11, < 5.15.35 | ≥ 5.16, < 5.17.4 | 5.18:rc1 | 5.18:rc2