[SRU][F][PATCH 0/1] CVE-2021-47211
Tim Whisonant
tim.whisonant at canonical.com
Wed Apr 23 23:24:57 UTC 2025
SRU Justification:
[Impact]
ALSA: usb-audio: fix null pointer dereference on pointer cs_desc
The pointer cs_desc return from snd_usb_find_clock_source could
be null, so there is a potential null pointer dereference issue.
Fix this by adding a null check before dereference.
[Fix]
Oracular: not affected
Noble: not affected
Jammy: not affected
Focal: backported from upstream
Bionic: sent to ESM ML
Xenial: sent to ESM ML
Trusty: out of scope (medium CVE)
[Test Plan]
Compile and boot tested.
[Where problems could occur]
The change occurs in the ALSA usb-audio driver. Issues might
manifest as choppy or missing audio.
Chengfeng Ye (1):
ALSA: usb-audio: fix null pointer dereference on pointer cs_desc
sound/usb/clock.c | 8 ++++++++
1 file changed, 8 insertions(+)
--
2.43.0
More information about the kernel-team
mailing list