CVE-2021-47149

net: fujitsu: fix potential null-ptr-deref

Description

In the Linux kernel, the following vulnerability has been resolved: net: fujitsu: fix potential null-ptr-deref In fmvj18x_get_hwinfo(), if ioremap fails there will be NULL pointer deref. To fix this, check the return value of ioremap and return -1 to the caller in case of failure.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.01%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/b92170e209f7746ed72eaac98f2c2f4b9af734e6 patch
https://git.kernel.org/stable/c/6dbf1101594f7c76990b63c35b5a40205a914b6b patch
https://git.kernel.org/stable/c/c4f1c23edbe921ab2ecd6140d700e756cd44c5f7 patch
https://git.kernel.org/stable/c/7883d3895d0fbb0ba9bff0f8665f99974b45210f patch
https://git.kernel.org/stable/c/22049c3d40f08facd1867548716a484dad6b3251 patch
https://git.kernel.org/stable/c/71723a796ab7881f491d663c6cd94b29be5fba50 patch
https://git.kernel.org/stable/c/f14bf57a08779a5dee9936f63ada0149ea89c5e6 patch
https://git.kernel.org/stable/c/52202be1cd996cde6e8969a128dc27ee45a7cb5e patch

Frequently Asked Questions

What is the severity of CVE-2021-47149?
CVE-2021-47149 has been scored as a medium severity vulnerability.
How to fix CVE-2021-47149?
To fix CVE-2021-47149, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-47149 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2021-47149 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-47149?
CVE-2021-47149 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.