APPLIED: [SRU][F][PATCH 0/1] CVE-2021-47211
Stefan Bader
stefan.bader at canonical.com
Wed Apr 30 14:31:44 UTC 2025
On 24.04.25 01:24, Tim Whisonant wrote:
> SRU Justification:
>
> [Impact]
>
> ALSA: usb-audio: fix null pointer dereference on pointer cs_desc
>
> The pointer cs_desc return from snd_usb_find_clock_source could
> be null, so there is a potential null pointer dereference issue.
> Fix this by adding a null check before dereference.
>
> [Fix]
>
> Oracular: not affected
> Noble: not affected
> Jammy: not affected
> Focal: backported from upstream
> Bionic: sent to ESM ML
> Xenial: sent to ESM ML
> Trusty: out of scope (medium CVE)
>
> [Test Plan]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> The change occurs in the ALSA usb-audio driver. Issues might
> manifest as choppy or missing audio.
>
> Chengfeng Ye (1):
> ALSA: usb-audio: fix null pointer dereference on pointer cs_desc
>
> sound/usb/clock.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
Applied to focal:linux/master-next. Thanks.
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 47863 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20250430/4f361de4/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20250430/4f361de4/attachment-0001.sig>
More information about the kernel-team
mailing list