CVE-2021-47586
net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup
KASAN reports an out-of-bounds read in rk_gmac_setup on the line:
while (ops->regs[i]) {
This happens for most platforms since the regs flexible array member is
empty, so the memory after the ops structure is being read here. It
seems that mostly this happens to contain zero anyway, so we get lucky
and everything still works.
To avoid adding redundant data to nearly all the ops structures, add a
new flag to indicate whether the regs field is valid and avoid this loop
when it is not.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup KASAN informa una lectura fuera de los límites en rk_gmac_setup en la línea: while (ops->regs[i]) { Esto sucede en la mayoría de las plataformas, ya que el miembro de la matriz flexible regs está vacío, por lo que aquí se lee la memoria después de la estructura de operaciones. Parece que la mayor parte de esto contiene cero de todos modos, así que tenemos suerte y todo sigue funcionando. Para evitar agregar datos redundantes a casi todas las estructuras de operaciones, agregue un nuevo indicador para indicar si el campo regs es válido y evite este bucle cuando no lo sea.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-05-24 CVE Reserved
- 2024-06-19 CVE Published
- 2024-06-20 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/3bb3d6b1c1957e88bfc5e77a4557f7e6ba761fe3 | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://git.kernel.org/stable/c/0b4a5d1e15ce72f69be48f38dc0401dab890ae0f | 2021-12-22 | |
https://git.kernel.org/stable/c/0546b224cc7717cc8a2db076b0bb069a9c430794 | 2021-12-16 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.14 < 5.15.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.14 < 5.15.11" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.14 < 5.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.14 < 5.16" | en |
Affected
|