5.5

CVE-2021-47086

phonet/pep: refuse to enable an unbound pipe

In the Linux kernel, the following vulnerability has been resolved:

phonet/pep: refuse to enable an unbound pipe

This ioctl() implicitly assumed that the socket was already bound to
a valid local socket name, i.e. Phonet object. If the socket was not
bound, two separate problems would occur:

1) We'd send an pipe enablement request with an invalid source object.
2) Later socket calls could BUG on the socket unexpectedly being
   connected yet not bound to a valid object.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.4.297
LinuxLinux Kernel Version >= 4.5 < 4.9.295
LinuxLinux Kernel Version >= 4.10 < 4.14.260
LinuxLinux Kernel Version >= 4.15 < 4.19.223
LinuxLinux Kernel Version >= 4.20 < 5.4.169
LinuxLinux Kernel Version >= 5.5 < 5.10.89
LinuxLinux Kernel Version >= 5.11 < 5.15.12
LinuxLinux Kernel Version5.16 Updaterc1
LinuxLinux Kernel Version5.16 Updaterc2
LinuxLinux Kernel Version5.16 Updaterc3
LinuxLinux Kernel Version5.16 Updaterc4
LinuxLinux Kernel Version5.16 Updaterc5
LinuxLinux Kernel Version5.16 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.13
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/0bbdd62ce9d44f3a22059b3d20a0df977d9f6d59
Patch
https://git.kernel.org/stable/c/311601f114859d586d5ef8833d60d3aa23282161
Patch
https://git.kernel.org/stable/c/48c76fc53582e7f13c1e0b11c916e503256c4d0b
Patch
https://git.kernel.org/stable/c/52ad5da8e316fa11e3a50b3f089aa63e4089bf52
Patch
https://git.kernel.org/stable/c/53ccdc73eedaf0e922c45b569b797d2796fbaafa
Patch
https://git.kernel.org/stable/c/75a2f31520095600f650597c0ac41f48b5ba0068
Patch
https://git.kernel.org/stable/c/982b6ba1ce626ef87e5c29f26f2401897554f235
Patch
https://git.kernel.org/stable/c/b10c7d745615a092a50c2e03ce70446d2bec2aca
Patch