7.8 CVE-2021-47485

Patch
 

In the Linux kernel, the following vulnerability has been resolved: IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields Overflowing either addrlimit or bytes_togo can allow userspace to trigger a buffer overflow of kernel memory. Check for overflows in all the places doing math on user controlled buffers.
https://nvd.nist.gov/vuln/detail/CVE-2021-47485

Categories

CWE-120

References


 

CPE

cpe start end
Configuration 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 2.6.35 < 4.4.292
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 4.5 < 4.9.290
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 4.10 < 4.14.255
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 4.15 < 4.19.216
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 4.20 < 5.4.157
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 5.5 < 5.10.77
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 5.11 < 5.14.16
cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc7:*:*:*:*:*:*

REMEDIATION

Patch

Url
https://git.kernel.org/stable/c/0d4395477741608d123dad51def9fe50b7ebe952
https://git.kernel.org/stable/c/0f8cdfff06829a0b0348b6debc29ff6a61967724
https://git.kernel.org/stable/c/3f57c3f67fd93b4da86aeffea1ca32c484d054ad
https://git.kernel.org/stable/c/60833707b968d5ae02a75edb7886dcd4a957cf0d
https://git.kernel.org/stable/c/73d2892148aa4397a885b4f4afcfc5b27a325c42
https://git.kernel.org/stable/c/bda41654b6e0c125a624ca35d6d20beb8015b5d0
https://git.kernel.org/stable/c/c3e17e58f571f34c51aeb17274ed02c2ed5cf780
https://git.kernel.org/stable/c/d39bf40e55e666b5905fdbd46a0dced030ce87be
https://git.kernel.org/stable/c/0d4395477741608d123dad51def9fe50b7ebe952
https://git.kernel.org/stable/c/0f8cdfff06829a0b0348b6debc29ff6a61967724
https://git.kernel.org/stable/c/3f57c3f67fd93b4da86aeffea1ca32c484d054ad
https://git.kernel.org/stable/c/60833707b968d5ae02a75edb7886dcd4a957cf0d
https://git.kernel.org/stable/c/73d2892148aa4397a885b4f4afcfc5b27a325c42
https://git.kernel.org/stable/c/bda41654b6e0c125a624ca35d6d20beb8015b5d0
https://git.kernel.org/stable/c/c3e17e58f571f34c51aeb17274ed02c2ed5cf780
https://git.kernel.org/stable/c/d39bf40e55e666b5905fdbd46a0dced030ce87be

EXPLOITS

Exploit-db.com

id description date
No known exploits

POC Github

Url

Other Nist (github, ...)

Url
No known exploits

CAPEC

Common Attack Pattern Enumerations and Classifications

id description severity
No entry