CVE-2021-47251

Summary

In the Linux kernel, the following vulnerability has been resolved:

mac80211: fix skb length check in ieee80211_scan_rx()

Replace hard-coded compile-time constants for header length check with dynamic determination based on the frame type. Otherwise, we hit a validation WARN_ON in cfg80211 later.

[style fixes, reword commit message]

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxcd418ba63f0c2f6157f35a41c9accc6ecb52590a < 5a1cd67a801cf5ef989c4783e07b86a25b143126affected
LinuxLinuxcd418ba63f0c2f6157f35a41c9accc6ecb52590a < d1b949c70206178b12027f66edc088d40375b5cbaffected
LinuxLinuxcd418ba63f0c2f6157f35a41c9accc6ecb52590a < e298aa358f0ca658406d524b6639fe389cb6e11eaffected
LinuxLinux5.10affected
LinuxLinux0 < 5.10unaffected
LinuxLinux5.10.46 <= 5.10.*unaffected
LinuxLinux5.12.13 <= 5.12.*unaffected
LinuxLinux5.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References