CVE-2021-47148

Summary

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-pf: fix a buffer overflow in otx2_set_rxfh_context()

This function is called from ethtool_set_rxfh() and "*rss_context" comes from the user. Add some bounds checking to prevent memory corruption.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux81a4362016e7d8b17031fe1aa43cdb58a7f0f163 < 389146bc6d2bbb20714d06624b74856320ce40f7affected
LinuxLinux81a4362016e7d8b17031fe1aa43cdb58a7f0f163 < e5cc361e21648b75f935f9571d4003aaee480214affected
LinuxLinux5.12affected
LinuxLinux0 < 5.12unaffected
LinuxLinux5.12.9 <= 5.12.*unaffected
LinuxLinux5.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References