{"id":"CVE-2021-47631","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nARM: davinci: da850-evm: Avoid NULL pointer dereference\n\nWith newer versions of GCC, there is a panic in da850_evm_config_emac()\nwhen booting multi_v5_defconfig in QEMU under the palmetto-bmc machine:\n\nUnable to handle kernel NULL pointer dereference at virtual address 00000020\npgd = (ptrval)\n[00000020] *pgd=00000000\nInternal error: Oops: 5 [#1] PREEMPT ARM\nModules linked in:\nCPU: 0 PID: 1 Comm: swapper Not tainted 5.15.0 #1\nHardware name: Generic DT based system\nPC is at da850_evm_config_emac+0x1c/0x120\nLR is at do_one_initcall+0x50/0x1e0\n\nThe emac_pdata pointer in soc_info is NULL because davinci_soc_info only\ngets populated on davinci machines but da850_evm_config_emac() is called\non all machines via device_initcall().\n\nMove the rmii_en assignment below the machine check so that it is only\ndereferenced when running on a supported SoC.","modified":"2026-03-15T22:43:16.378471Z","published":"2025-02-26T06:37:04.400Z","related":["SUSE-SU-2025:1027-1","SUSE-SU-2025:1176-1","SUSE-SU-2025:1183-1","SUSE-SU-2025:1194-1","SUSE-SU-2025:1241-1","SUSE-SU-2025:1263-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/0940795c6834fbe7705acc5c3d4b2f7a5f67527a"},{"type":"FIX","url":"https://git.kernel.org/stable/c/0a312ec66a03133d28570f07bc52749ccfef54da"},{"type":"FIX","url":"https://git.kernel.org/stable/c/83a1cde5c74bfb44b49cb2a940d044bb2380f4ea"},{"type":"FIX","url":"https://git.kernel.org/stable/c/89931d4762572aaee6edbe5673d41f8082de110f"},{"type":"FIX","url":"https://git.kernel.org/stable/c/a12b356d45cbb6e8a1b718d1436b3d6239a862f3"},{"type":"FIX","url":"https://git.kernel.org/stable/c/c06f476e5b74bcabb8c4a2fba55864a37e62843b"},{"type":"FIX","url":"https://git.kernel.org/stable/c/c5628533a3ece64235d04fe11ec44d2be99e423d"},{"type":"FIX","url":"https://git.kernel.org/stable/c/c64e2ed5cc376e137e572babfd2edc38b2cfb61b"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"2.6.33"},{"fixed":"4.9.311"}]},{"events":[{"introduced":"4.10"},{"fixed":"4.14.276"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.239"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.190"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.112"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.15.35"}]},{"events":[{"introduced":"5.16"},{"fixed":"5.17.4"}]},{"events":[{"introduced":"0"},{"last_affected":"5.18-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.18-rc2"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47631.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}