7.8

CVE-2021-47286

bus: mhi: core: Validate channel ID when processing command completions

In the Linux kernel, the following vulnerability has been resolved:

bus: mhi: core: Validate channel ID when processing command completions

MHI reads the channel ID from the event ring element sent by the
device which can be any value between 0 and 255. In order to
prevent any out of bound accesses, add a check against the maximum
number of channels supported by the controller and those channels
not configured yet so as to skip processing of that event ring
element.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.7 < 5.10.54
LinuxLinux Kernel Version >= 5.11 < 5.13.6
LinuxLinux Kernel Version5.14 Updaterc1
LinuxLinux Kernel Version5.14 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.137
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/3efec3b4b16fc7af25676a94230a8ab2a3bb867c
Patch
https://git.kernel.org/stable/c/546362a9ef2ef40b57c6605f14e88ced507f8dd0
Patch
https://git.kernel.org/stable/c/aed4f5b51aba41e2afd7cfda20a0571a6a67dfe9
Patch