CVE-2021-47138
cxgb4: avoid accessing registers when clearing filters
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
cxgb4: avoid accessing registers when clearing filters
Hardware register having the server TID base can contain
invalid values when adapter is in bad state (for example,
due to AER fatal error). Reading these invalid values in the
register can lead to out-of-bound memory access. So, fix
by using the saved server TID base when clearing filters.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cxgb4: evita acceder a los registros al borrar los filtros El registro de hardware que tiene la base TID del servidor puede contener valores no válidos cuando el adaptador está en mal estado (por ejemplo, debido a un error fatal de AER). Leer estos valores no válidos en el registro puede provocar un acceso a la memoria fuera de límites. Por lo tanto, solucione el problema utilizando la base TID del servidor guardado al borrar los filtros.
A vulnerability was found in the Linux kernel whereby hardware registries that have the server TID base may contain invalid values when the adapter is in a bad state. Reading these invalid values can result in out-of-bounds memory access, which can cause memory corruption or crashes.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-03-04 CVE Reserved
- 2024-03-25 CVE Published
- 2024-03-26 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/b1a79360ee862f8ada4798ad2346fa45bb41b527 | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://access.redhat.com/security/cve/CVE-2021-47138 | 2024-09-04 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2271484 | 2024-09-04 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.2 < 5.4.124 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 5.4.124" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.2 < 5.10.42 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 5.10.42" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.2 < 5.12.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 5.12.9" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.2 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 5.13" | en |
Affected
|