Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2021-47159HistoryMar 25, 2024 - 10:15 a.m.
CVE-2021-47159
2024-03-2510:15:08
Debian Security Bug Tracker
security-tracker.debian.org
6
linux kernel
net dsa
get_sset_count failure
memory corruption
system crash
type promotion
error code.
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix a crash if ->get_sset_count() fails If ds->ops->get_sset_count() fails then it “count” is a negative error code such as -EOPNOTSUPP. Because “i” is an unsigned int, the negative error code is type promoted to a very high value and the loop will corrupt memory until the system crashes. Fix this by checking for error codes and changing the type of “i” to just int.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |
| Debian | 11 | all | linux | < 5.10.46-1 | linux_5.10.46-1_all.deb |
| Debian | 999 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |
| Debian | 13 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |
Related
cvelist
cvelist
CVE-2021-47159 net: dsa: fix a crash if ->get_sset_count() fails
2024-03-25 09:16:13
redhatcve
redhatcve
CVE-2021-47159
2024-03-25 17:53:35
cve
cve
CVE-2021-47159
2024-03-25 10:15:08
nvd
nvd
CVE-2021-47159
2024-03-25 10:15:08
ubuntucve
ubuntucve
CVE-2021-47159
2024-03-25 00:00:00
nessus
nessus
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:1648-1)
2024-05-15 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1646-1)
2024-05-15 00:00:00
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:1870-1)
2024-05-31 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:1643-1)
2024-05-15 00:00:00