5.5

CVE-2021-47432

lib/generic-radix-tree.c: Don't overflow in peek()

In the Linux kernel, the following vulnerability has been resolved:

lib/generic-radix-tree.c: Don't overflow in peek()

When we started spreading new inode numbers throughout most of the 64
bit inode space, that triggered some corner case bugs, in particular
some integer overflows related to the radix tree code. Oops.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 6.1.64
LinuxLinux Kernel Version >= 6.2 < 6.5.13
LinuxLinux Kernel Version >= 6.6 < 6.6.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.149
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://git.kernel.org/stable/c/784d01f9bbc282abb0c5ade5beb98a87f50343ac
Patch
https://git.kernel.org/stable/c/9492261ff2460252cf2d8de89cdf854c7e2b28a0
Patch
https://git.kernel.org/stable/c/aa7f1827953100cdde0795289a80c6c077bfe437
Patch
https://git.kernel.org/stable/c/ec298b958cb0c40d70c68079da933c8f31c5134c
Patch