CVE-2021-47485

Published May 22, 2024

Last updated 3 months ago

CVSS high 7.8

Overview

Description: In the Linux kernel, the following vulnerability has been resolved: IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields Overflowing either addrlimit or bytes_togo can allow userspace to trigger a buffer overflow of kernel memory. Check for overflows in all the places doing math on user controlled buffers.
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-120

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3AEC86A-6474-4042-91D8-DD381C1F06DF",
            "versionEndExcluding": "4.4.292",
            "versionStartIncluding": "2.6.35"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85D8337A-4EA1-4787-85EA-4BF4328A9436",
            "versionEndExcluding": "4.9.290",
            "versionStartIncluding": "4.5"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "436BD498-0DB1-4290-9A36-A52CB11B3AC3",
            "versionEndExcluding": "4.14.255",
            "versionStartIncluding": "4.10"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F384B60-1DBA-4E2B-9110-0087D95F30DB",
            "versionEndExcluding": "4.19.216",
            "versionStartIncluding": "4.15"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FBCA21B-424F-4B7F-A9A8-FDD64FE6BD3B",
            "versionEndExcluding": "5.4.157",
            "versionStartIncluding": "4.20"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26EB7ED9-AEA3-4829-8B5E-08571262F72A",
            "versionEndExcluding": "5.10.77",
            "versionStartIncluding": "5.5"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2681B950-4548-4649-A9E1-4124B59FC09C",
            "versionEndExcluding": "5.14.16",
            "versionStartIncluding": "5.11"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF55383D-4DF2-45DC-93F7-571F4F978EAB"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E9481B2-8AA6-4CBD-B5D3-C10F51FF6D01"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBD45831-4B79-42BC-ABC0-86870F0DEA89"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "948A6B8D-1B72-4945-8680-354E53BE1C80"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References