5.5

CVE-2021-46917

EPSS 0.03%
Veröffentlicht 27.02.2024 07:15:08
Zuletzt bearbeitet 21.11.2024 06:34:55
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: fix wq cleanup of WQCFG registers

A pre-release silicon erratum workaround where wq reset does not clear
WQCFG registers was leaked into upstream code. Use wq reset command
instead of blasting the MMIO region. This also address an issue where
we clobber registers in future devices.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.8.0 < 5.10.32

Linux ≫ Linux Kernel Version >= 5.11.0 < 5.11.16

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.057

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-668 Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

https://git.kernel.org/stable/c/e5eb9757fe4c2392e069246ae78badc573af1833

Patch

https://git.kernel.org/stable/c/ea9aadc06a9f10ad20a90edc0a484f1147d88a7a

Patch

https://git.kernel.org/stable/c/f7dc8f5619165e1fa3383d0c2519f502d9e2a1a9

Patch

https://nvd.nist.gov/vuln/detail/CVE-2021-46917

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-46917

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-46917

EUVD