5.5
CVE-2021-46917
- EPSS 0.23%
- Veröffentlicht 27.02.2024 07:15:08
- Zuletzt bearbeitet 21.11.2024 06:34:55
- CVE-Watchlists
- Unerledigt
dmaengine: idxd: fix wq cleanup of WQCFG registers
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq cleanup of WQCFG registers A pre-release silicon erratum workaround where wq reset does not clear WQCFG registers was leaked into upstream code. Use wq reset command instead of blasting the MMIO region. This also address an issue where we clobber registers in future devices.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.8.0 < 5.10.32
Linux ≫ Linux Kernel Version >= 5.11.0 < 5.11.16
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.129 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-668 Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
https://git.kernel.org/stable/c/e5eb9757fe4c2392e069246ae78badc573af1833
https://git.kernel.org/stable/c/ea9aadc06a9f10ad20a90edc0a484f1147d88a7a
https://git.kernel.org/stable/c/f7dc8f5619165e1fa3383d0c2519f502d9e2a1a9