CVE-2021-47096

MEDIUM

Linux Kernel 5.15-5.15.11 - Use of Uninitialized Resource in ALSA RawMIDI

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized user_pversion The user_pversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA sequencer code clears the file structure, so no additional fixes are required. BugLink: https://github.com/alsa-project/alsa-lib/issues/178

References (2)

Core 2

Scores

CVSS v3 4.0
EPSS 0.0021
EPSS Percentile 11.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-908
Status published
Products (10)
Linux/Linux < 5.15
Linux/Linux 09d23174402da0f10e98da2c61bb5ac8e7d79fdd - 39a8fc4971a00d22536aeb7d446ee4a97810611b
Linux/Linux 09d23174402da0f10e98da2c61bb5ac8e7d79fdd - b398fcbe4de1e1100867fdb6f447c6fbc8fe7085
Linux/Linux 12d50801497235956fb3760be8530f4e44e4ce67
Linux/Linux 5.14.10 - 5.15
Linux/Linux 5.15
Linux/Linux 5.15.12 - 5.15.*
Linux/Linux 5.16
linux/linux_kernel 5.16 rc1 (6 CPE variants)
linux/linux_kernel 5.15 - 5.15.12
Published Mar 04, 2024
Tracked Since Feb 18, 2026