9.8

CVE-2021-47548

ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()

In the Linux kernel, the following vulnerability has been resolved:

ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()

The if statement:
  if (port >= DSAF_GE_NUM)
        return;

limits the value of port less than DSAF_GE_NUM (i.e., 8).
However, if the value of port is 6 or 7, an array overflow could occur:
  port_rst_off = dsaf_dev->mac_cb[port]->port_rst_off;

because the length of dsaf_dev->mac_cb is DSAF_MAX_PORT_NUM (i.e., 6).

To fix this possible array overflow, we first check port and if it is
greater than or equal to DSAF_MAX_PORT_NUM, the function returns.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.9.292
LinuxLinux Kernel Version >= 4.10 < 4.14.257
LinuxLinux Kernel Version >= 4.15 < 4.19.220
LinuxLinux Kernel Version >= 4.20 < 5.4.164
LinuxLinux Kernel Version >= 5.5 < 5.10.84
LinuxLinux Kernel Version >= 5.11 < 5.15.7
LinuxLinux Kernel Version5.16 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.36% 0.681
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://git.kernel.org/stable/c/22519eff7df2d88adcc2568d86046ce1e2b52803
Patch
https://git.kernel.org/stable/c/948968f8747650447c8f21c9fdba0e1973be040b
Patch
https://git.kernel.org/stable/c/99bb25cb6753beaf2c2bc37927c2ecc0ceff3f6d
Patch
https://git.kernel.org/stable/c/a66998e0fbf213d47d02813b9679426129d0d114
Patch
https://git.kernel.org/stable/c/abbd5faa0748d0aa95d5191d56ff7a17a6275bd1
Patch
https://git.kernel.org/stable/c/dd07f8971b81ad98cc754b179b331b57f35aa1ff
Patch
https://git.kernel.org/stable/c/fc7ffa7f10b9454a86369405d9814bf141b30627
Patch