CVE-2021-46993

sched: Fix out-of-bound access in uclamp

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

sched: Fix out-of-bound access in uclamp

Util-clamp places tasks in different buckets based on their clamp values
for performance reasons. However, the size of buckets is currently
computed using a rounding division, which can lead to an off-by-one
error in some configurations.

For instance, with 20 buckets, the bucket size will be 1024/20=51. A
task with a clamp of 1024 will be mapped to bucket id 1024/51=20. Sadly,
correct indexes are in range [0,19], hence leading to an out of bound
memory access.

Clamp the bucket id to fix the issue.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: sched: corrige el acceso fuera de los límites en uclamp Util-clamp coloca las tareas en diferentes depósitos según sus valores de fijación por razones de rendimiento. Sin embargo, el tamaño de los depósitos se calcula actualmente mediante una división de redondeo, lo que puede provocar un error de uno por uno en algunas configuraciones. Por ejemplo, con 20 depósitos, el tamaño del depósito será 1024/20=51. Una tarea con una abrazadera de 1024 se asignará al ID del depósito 1024/51=20. Lamentablemente, los índices correctos están en el rango [0,19], lo que provoca un acceso a la memoria fuera de los límites. Sujete la identificación del depósito para solucionar el problema.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-27 CVE Reserved
2024-02-28 CVE Published
2024-02-29 EPSS Updated
2024-09-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (6)

URL	Tag	Source
https://git.kernel.org/stable/c/69842cba9ace84849bb9b8edcdf2cefccd97901c	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/687f523c134b7f0bd040ee1230f6d17990d54172	2021-05-19
https://git.kernel.org/stable/c/f7347c85490b92dd144fa1fba9e1eca501656ab3	2021-05-19
https://git.kernel.org/stable/c/3da3f804b82a0a382d523a21acf4cf3bb35f936d	2021-05-19
https://git.kernel.org/stable/c/42ee47c7e3569d9a0e2cb5053c496d97d380472f	2021-05-19
https://git.kernel.org/stable/c/6d2f8909a5fabb73fe2a63918117943986c39b6c	2021-05-06

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.3 < 5.4.120 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.3 < 5.4.120"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.3 < 5.10.38 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.3 < 5.10.38"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.3 < 5.11.22 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.3 < 5.11.22"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.3 < 5.12.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.3 < 5.12.5"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.3 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.3 < 5.13"		en		Affected