7.8

CVE-2021-47485

IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields

In the Linux kernel, the following vulnerability has been resolved:

IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields

Overflowing either addrlimit or bytes_togo can allow userspace to trigger
a buffer overflow of kernel memory. Check for overflows in all the places
doing math on user controlled buffers.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.35 < 4.4.292
LinuxLinux Kernel Version >= 4.5 < 4.9.290
LinuxLinux Kernel Version >= 4.10 < 4.14.255
LinuxLinux Kernel Version >= 4.15 < 4.19.216
LinuxLinux Kernel Version >= 4.20 < 5.4.157
LinuxLinux Kernel Version >= 5.5 < 5.10.77
LinuxLinux Kernel Version >= 5.11 < 5.14.16
LinuxLinux Kernel Version5.15 Updaterc1
LinuxLinux Kernel Version5.15 Updaterc2
LinuxLinux Kernel Version5.15 Updaterc3
LinuxLinux Kernel Version5.15 Updaterc4
LinuxLinux Kernel Version5.15 Updaterc5
LinuxLinux Kernel Version5.15 Updaterc6
LinuxLinux Kernel Version5.15 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.146
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

https://git.kernel.org/stable/c/0d4395477741608d123dad51def9fe50b7ebe952
Patch
https://git.kernel.org/stable/c/0f8cdfff06829a0b0348b6debc29ff6a61967724
Patch
https://git.kernel.org/stable/c/3f57c3f67fd93b4da86aeffea1ca32c484d054ad
Patch
https://git.kernel.org/stable/c/60833707b968d5ae02a75edb7886dcd4a957cf0d
Patch
https://git.kernel.org/stable/c/73d2892148aa4397a885b4f4afcfc5b27a325c42
Patch
https://git.kernel.org/stable/c/bda41654b6e0c125a624ca35d6d20beb8015b5d0
Patch
https://git.kernel.org/stable/c/c3e17e58f571f34c51aeb17274ed02c2ed5cf780
Patch
https://git.kernel.org/stable/c/d39bf40e55e666b5905fdbd46a0dced030ce87be
Patch