7.1

CVE-2021-47083

pinctrl: mediatek: fix global-out-of-bounds issue

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: mediatek: fix global-out-of-bounds issue

When eint virtual eint number is greater than gpio number,
it maybe produce 'desc[eint_n]' size globle-out-of-bounds issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.4.169
LinuxLinux Kernel Version >= 5.5 < 5.10.89
LinuxLinux Kernel Version >= 5.11 < 5.15.12
LinuxLinux Kernel Version5.16 Updaterc1
LinuxLinux Kernel Version5.16 Updaterc2
LinuxLinux Kernel Version5.16 Updaterc3
LinuxLinux Kernel Version5.16 Updaterc4
LinuxLinux Kernel Version5.16 Updaterc5
LinuxLinux Kernel Version5.16 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.132
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/2d5446da5acecf9c67db1c9d55ae2c3e5de01f8d
Patch
https://git.kernel.org/stable/c/441d3873664d170982922c5d2fc01fa89d9439ed
Patch
https://git.kernel.org/stable/c/f373298e1bf0c6ea097c0bcc558dc43ad53e421f
Patch
https://git.kernel.org/stable/c/fb563baa3eb8e7a15f2cff3c2695e2cca0493e69
Patch