In Linux/Kernel in versions v2.6.11-tree to v4.4.292, v4.5-rc1 to v4.9.290, v4.10-rc1 to v4.14.255, v4.15-rc1 to v4.19.217, v5.0-rc1 to v5.4.161;, v5.5-rc1 to v5.10.82, v5.10-rc1 to v5.14.21, v5.15-rc1--v5.15.4.
Is vulnerable to null pointer dereference on pointer block in sound/isa/gus/gus_dma.c
WS-2021-0439 - Medium Severity Vulnerability
Vulnerable Library - linuxlinux-4.19.236
The Linux Kernel
Library home page: https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/?wsslib=linux
Found in HEAD commit: 63ec46be94f7d206b296bb6c7cd636df4b2eaddd
Found in base branch: master
Vulnerable Source Files (2)
/sound/isa/gus/gus_dma.c /sound/isa/gus/gus_dma.c
Vulnerability Details
In Linux/Kernel in versions v2.6.11-tree to v4.4.292, v4.5-rc1 to v4.9.290, v4.10-rc1 to v4.14.255, v4.15-rc1 to v4.19.217, v5.0-rc1 to v5.4.161;, v5.5-rc1 to v5.10.82, v5.10-rc1 to v5.14.21, v5.15-rc1--v5.15.4. Is vulnerable to null pointer dereference on pointer block in sound/isa/gus/gus_dma.c
Publish Date: 2021-11-29
URL: WS-2021-0439
CVSS 3 Score Details (5.1)
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://osv.dev/vulnerability/UVI-2021-1002332
Release Date: 2021-11-29
Fix Resolution: Linux/Kernel - v4.4.293, v4.9.291, v4.14.256, v4.19.218, v5.4.162, v5.10.83, v5.15.5
Step up your Open Source Security Game with Mend here