CVE-2021-47040

EPSS 0.02%
Veröffentlicht 28.02.2024 09:15:39
Zuletzt bearbeitet 09.01.2025 15:29:49
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

io_uring: fix overflows checks in provide buffers

Colin reported before possible overflow and sign extension problems in
io_provide_buffers_prep(). As Linus pointed out previous attempt did nothing
useful, see d81269fecb8ce ("io_uring: fix provide_buffers sign extension").

Do that with help of check_<op>_overflow helpers. And fix struct
io_provide_buf::len type, as it doesn't make much sense to keep it
signed.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.8 < 5.10.37

Linux ≫ Linux Kernel Version >= 5.11 < 5.11.21

Linux ≫ Linux Kernel Version >= 5.12 < 5.12.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.031

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://git.kernel.org/stable/c/38134ada0ceea3e848fe993263c0ff6207fd46e7

Patch

https://git.kernel.org/stable/c/51bf90901952aaac564bbdb36b2b503050c53dd9

Patch

https://git.kernel.org/stable/c/84b8c266c4bfe9ed5128e13253c388deb74b1b03

Patch

https://git.kernel.org/stable/c/cbbc13b115b8f18e0a714d89f87fbdc499acfe2d

Patch

https://nvd.nist.gov/vuln/detail/CVE-2021-47040

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-47040

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-47040

EUVD