CVE-2021-46965

mtd: physmap: physmap-bt1-rom: Fix unintentional stack access

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

mtd: physmap: physmap-bt1-rom: Fix unintentional stack access

Cast &data to (char *) in order to avoid unintentionally accessing
the stack.

Notice that data is of type u32, so any increment to &data
will be in the order of 4-byte chunks, and this piece of code
is actually intended to be a byte offset.

Addresses-Coverity-ID: 1497765 ("Out-of-bounds access")

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mtd: physmap: physmap-bt1-rom: corrige el acceso involuntario a la pila. Transmite &data a (char *) para evitar el acceso involuntario a la pila. Tenga en cuenta que los datos son de tipo u32, por lo que cualquier incremento en &data será del orden de fragmentos de 4 bytes, y este fragmento de código en realidad está destinado a ser un desplazamiento de bytes. Direcciones-Coverity-ID: 1497765 ("Acceso fuera de límites")

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-27 CVE Reserved
2024-02-27 CVE Published
2024-02-28 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/b3e79e7682e075326df8041b826b03453acacd0a	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/34ec706bf0b7c4ca249a729c1bcb91f706c7a7be	2021-05-11
https://git.kernel.org/stable/c/4e4ebb827bf09311469ffd9d0c14ed40ed9747aa	2021-05-12
https://git.kernel.org/stable/c/4d786870e3262ec098a3b4ed10b895176bc66ecb	2021-05-12
https://git.kernel.org/stable/c/683313993dbe1651c7aa00bb42a041d70e914925	2021-03-11

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 5.10.36 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 5.10.36"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 5.11.20 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 5.11.20"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 5.12.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 5.12.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 5.13"		en		Affected