Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2021-47409

MEDIUM5.5

usb: dwc2: check return value after calling platform_get_resource()

Published May 21, 2024

Modified 7 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

usb: dwc2: check return value after calling platform_get_resource()

It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.

References

WEBhttps://git.kernel.org/stable/c/2754fa3b73df7d0ae042f3ed6cfd9df9042f6262 WEBhttps://git.kernel.org/stable/c/337f00a0bc62d7cb7d10ec0b872c79009a1641df WEBhttps://git.kernel.org/stable/c/4b7f4a0eb92bf37bea4cd838c7f83ea42823ca8b WEBhttps://git.kernel.org/stable/c/856e6e8e0f9300befa87dde09edb578555c99a82 WEBhttps://git.kernel.org/stable/c/8b9c1c33e51d0959f2aec573dfbac0ffd3f5c0b7 WEBhttps://git.kernel.org/stable/c/a7182993dd8e09f96839ddc3ac54f9b37370d282 ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2021-47409

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedMay 21, 2024

ModifiedMay 21, 2025

CVE-2021-47409 | Mondoo Vulnerability Intelligence