Linux · Linux Kernel · CVE-2021-47005
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to a NULL pointer dereference in the `pci epf test alloc space` function when the `get features` ops of `pci epc ops` return NULL. This occurs when EPC features are not implemented in the platform driver. To avoid the NULL pointer dereference, a check for the `pci epc feature` pointer in `pci epf test bind` has been added, and the function will return `-ENOTSUPP` if the feature is not found. The vulnerability causes a kernel NULL pointer dereference, resulting in a dump with a call trace that includes functions such as `pci epf test bind`, `pci epf bind`, and `pci epc epf link`.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.