CVE-2021-47267
📋 TL;DR
A NULL pointer dereference vulnerability in the Linux kernel USB gadget subsystem causes kernel panics when USB 3.1 (10Gbps) devices are connected to systems with vulnerable gadget drivers. This affects Linux systems using USB gadget functionality, particularly embedded devices and systems configured as USB peripherals. The vulnerability is triggered automatically when hardware conditions are met.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, requiring physical reboot of affected device.
Likely Case
System crash when USB 3.1 (10Gbps) capable hardware is connected to vulnerable gadget configurations.
If Mitigated
No impact if USB gadget functionality is disabled or systems are patched.
🎯 Exploit Status
Exploitation requires physical access to USB port or USB-over-IP capability with 10Gbps hardware. Triggered automatically when conditions are met.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits: 032e288097a553db5653af552dd8035cd2a0ba96, 45f9a2fe737dc0a5df270787f2231aee8985cd59, 5ef23506695b01d5d56a13a092a97f2478069d75, 70cd19cb5bd94bbb5bacfc9c1e4ee0071699a604, b972eff874637402ddc4a7dd11fb22538a0b6d28
Vendor Advisory: https://git.kernel.org/stable/c/
Restart Required: Yes
Instructions:
1. Update the Linux kernel to a version containing the fix commits.
2. Reboot the system to load the new kernel.
3. For embedded systems, update the firmware with the patched kernel.
🔧 Temporary Workarounds
Disable USB gadget functionality
Remove or disable USB gadget drivers if not needed:
modprobe -r g_ether
modprobe -r g_mass_storage
modprobe -r [specific_gadget_driver]
Limit USB speed to 5Gbps
Configure gadget drivers to a maximum speed of 5Gbps instead of the default maximum:
echo 5 > /sys/class/udc/[udc_name]/maximum_speed
🧯 If You Can't Patch
- Disable USB gadget functionality entirely if not required
- Physically restrict access to USB ports or use USB speed limiters
🔍 How to Verify
Check if Vulnerable:
Check if system uses USB gadget drivers and has kernel version before fix commits. Use: lsmod | grep '^g_' and uname -r
Check Version:
uname -r
Verify Fix Applied:
Check kernel version includes fix commits: git log --oneline | grep -E '032e288097a5|45f9a2fe737d|5ef23506695b|70cd19cb5bd9|b972eff87463'
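The checks above, as an added example script that is not part of this advisory or of the kernel project. It turns the "Check if Vulnerable" and "Verify Fix Applied" steps into functions that accept lsmod or git-log output on stdin, so they can be tested offline, plus a live report that also inspects configfs gadgets under /sys/kernel/config/usb_gadget and each UDC's maximum_speed attribute (which the UDC core exposes read-only; the script only reads it). The sample lsmod and git-log lines are constructed; the module sizes and the commit subject are not real.

```shell
#!/bin/sh
# Added example (not from the advisory): offline-testable helpers for the
# CVE-2021-47267 exposure checks. Fix commit prefixes are taken from the advisory.
FIX_COMMITS='032e288097a5 45f9a2fe737d 5ef23506695b 70cd19cb5bd9 b972eff87463'

# Print loaded USB gadget modules from lsmod-style input on stdin. Legacy gadgets
# load as g_* modules; both legacy and configfs gadgets pull in libcomposite,
# the module that contains usb_assign_descriptors().
gadget_modules_from_lsmod() {
    awk '$1 ~ /^g_/ || $1 == "libcomposite" { print $1 }'
}

# Number of gadget modules in lsmod-style input on stdin (0 = none loaded).
count_gadget_modules() {
    gadget_modules_from_lsmod | awk 'END { print NR }'
}

# Return 0 when a UDC speed string (as read from /sys/class/udc/<udc>/maximum_speed,
# printed by the kernel's usb_speed_string()) means 10 Gbps capability, the
# hardware condition this CVE requires.
speed_is_10gbps() {
    case "$1" in
        super-speed-plus) return 0 ;;
        *) return 1 ;;
    esac
}

# Count how many of the advisory's fix commits appear in `git log --oneline`
# output on stdin. Matches on hash prefix, so any abbreviation length works.
fix_commits_in_log() {
    awk -v fixes="$FIX_COMMITS" '
        BEGIN { n = split(fixes, f, " ") }
        { for (i = 1; i <= n; i++) if (index($1, f[i]) == 1) seen[f[i]] = 1 }
        END { c = 0; for (k in seen) c++; print c }'
}

# Live report for the running system: gadget modules, configfs gadgets, UDC speeds.
exposure_report() {
    mods=$(lsmod 2>/dev/null | gadget_modules_from_lsmod | tr '\n' ' ')
    cfg=""
    for d in /sys/kernel/config/usb_gadget/*/; do
        [ -d "$d" ] && cfg="$cfg $(basename "$d")"
    done
    ssp=0
    for f in /sys/class/udc/*/maximum_speed; do
        [ -r "$f" ] || continue
        s=$(cat "$f")
        echo "udc $(basename "$(dirname "$f")"): maximum_speed=$s"
        speed_is_10gbps "$s" && ssp=1
    done
    echo "kernel: $(uname -r)"
    echo "gadget modules: ${mods:-none}"
    echo "configfs gadgets: ${cfg:-none}"
    if [ -n "$mods$cfg" ] && [ "$ssp" -eq 1 ]; then
        echo "EXPOSED: gadget active on a 10 Gbps-capable UDC; confirm fix commits are present"
    else
        echo "not exposed by these checks (no active gadget, or UDC limited to 5 Gbps or less)"
    fi
}

# Usage: sh check_cve_2021_47267.sh --live
#        git -C /path/to/kernel log --oneline | fix_commits_in_log  (after sourcing)
if [ "${1:-}" = "--live" ]; then
    exposure_report
fi
```

On a system where the kernel source tree is not available, `fix_commits_in_log` cannot be used; fall back to the distribution's kernel changelog or package advisory for the CVE number.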
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in dmesg or system logs
- NULL pointer dereference errors mentioning usb_assign_descriptors
Network Indicators:
- Sudden loss of connectivity from USB gadget devices
SIEM Query:
source="kernel" AND ("panic" OR "NULL pointer dereference") AND "usb"
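The log indicators above, as an added example that is not part of this advisory: a small detector for kernel-log text (dmesg or `journalctl -k` output) that flags a NULL pointer dereference oops whose call trace mentions usb_assign_descriptors. Because the "BUG:" line and the call-trace frames of one oops are separate log lines, the detector keeps a short line window after each BUG line instead of matching a single line, which is what the single-line SIEM query above cannot do. The sample log lines, timestamps and stack offsets are constructed.

```shell
#!/bin/sh
# Added example (not from the advisory): stateful scan of kernel-log lines for
# a NULL pointer dereference oops attributable to usb_assign_descriptors().

# Read log lines on stdin; print "MATCH: <BUG line>" for each NULL pointer
# dereference whose following lines (default window: 40) include the
# usb_assign_descriptors frame. Other oopses are ignored.
detect_gadget_oops() {
    awk -v window="${1:-40}" '
        /BUG: kernel NULL pointer dereference/ { bug = $0; remaining = window; next }
        remaining > 0 {
            remaining--
            if ($0 ~ /usb_assign_descriptors/) {
                print "MATCH: " bug
                remaining = 0
            }
        }'
}

# Number of matching oopses in stdin (always prints a number, even 0).
count_gadget_oops() {
    detect_gadget_oops "$@" | awk 'END { print NR }'
}

# Constructed sample: one unrelated oops, then one matching the advisory's
# indicators. Offsets and timestamps are made up for the example.
sample_log() {
    cat <<'EOF'
[  101.000100] BUG: kernel NULL pointer dereference, address: 0000000000000040
[  101.000200] Call Trace:
[  101.000300]  some_other_driver_probe+0x4c/0x120 [other]
[  101.000400] ---[ end trace 0000000000000001 ]---
[  123.460000] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  123.460100] #PF: supervisor read access in kernel mode
[  123.461000] Call Trace:
[  123.461100]  usb_assign_descriptors+0x28/0x190 [libcomposite]
[  123.461200]  ncm_bind+0x1a0/0x2c0 [usb_f_ncm]
[  123.461300]  usb_add_function+0x7c/0x160 [libcomposite]
[  123.462000] ---[ end trace 0000000000000002 ]---
EOF
}

# Usage on a live system:  journalctl -k | detect_gadget_oops
#                          dmesg | count_gadget_oops
# Demo on the constructed sample:
sample_log | detect_gadget_oops
```

For a machine that has already panicked, the lines will usually only survive in a persistent journal, a remote syslog collector, or a pstore/ramoops dump, so point the detector at whichever of those the fleet keeps.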
🔗 References
- https://git.kernel.org/stable/c/032e288097a553db5653af552dd8035cd2a0ba96
- https://git.kernel.org/stable/c/45f9a2fe737dc0a5df270787f2231aee8985cd59
- https://git.kernel.org/stable/c/5ef23506695b01d5d56a13a092a97f2478069d75
- https://git.kernel.org/stable/c/70cd19cb5bd94bbb5bacfc9c1e4ee0071699a604
- https://git.kernel.org/stable/c/b972eff874637402ddc4a7dd11fb22538a0b6d28
- https://git.kernel.org/stable/c/ca6bc277430d90375452b60b047763a090b7673e
- https://git.kernel.org/stable/c/fd24be23abf3e94260be0f00bb42c7e91d495f87