CVE-2021-47137
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: lantiq: fix memory corruption in RX ring
In a situation where memory allocation or dma mapping fails, an invalid address is programmed into the descriptor. This can lead to memory corruption. If the memory allocation fails, DMA should reuse the previous skb and mapping and drop the packet. This patch also increments rx drop counter.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | fe1a56420cf2ec28c8eceef672b87de0bbe1a260 < 8bb1077448d43a871ed667520763e3b9f9b7975d | affected |
| Linux | Linux | fe1a56420cf2ec28c8eceef672b87de0bbe1a260 < 5ac72351655f8b033a2935646f53b7465c903418 | affected |
| Linux | Linux | fe1a56420cf2ec28c8eceef672b87de0bbe1a260 < 46dd4abced3cb2c912916f4a5353e0927db0c4a2 | affected |
| Linux | Linux | fe1a56420cf2ec28c8eceef672b87de0bbe1a260 < c7718ee96dbc2f9c5fc3b578abdf296dd44b9c20 | affected |
| Linux | Linux | 4.20 | affected |
| Linux | Linux | 0 < 4.20 | unaffected |
| Linux | Linux | 5.4.124 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.42 <= 5.10.* | unaffected |
| Linux | Linux | 5.12.9 <= 5.12.* | unaffected |
| Linux | Linux | 5.13 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/8bb1077448d43a871ed667520763e3b9f9b7975d
- https://git.kernel.org/stable/c/5ac72351655f8b033a2935646f53b7465c903418
- https://git.kernel.org/stable/c/46dd4abced3cb2c912916f4a5353e0927db0c4a2
- https://git.kernel.org/stable/c/c7718ee96dbc2f9c5fc3b578abdf296dd44b9c20
References
- https://git.kernel.org/stable/c/8bb1077448d43a871ed667520763e3b9f9b7975d
- https://git.kernel.org/stable/c/5ac72351655f8b033a2935646f53b7465c903418
- https://git.kernel.org/stable/c/46dd4abced3cb2c912916f4a5353e0927db0c4a2
- https://git.kernel.org/stable/c/c7718ee96dbc2f9c5fc3b578abdf296dd44b9c20
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.