Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2021-47170HistoryMar 25, 2024 - 10:15 a.m.
CVE-2021-47170
2024-03-2510:15:08
Debian Security Bug Tracker
security-tracker.debian.org
5
linux
kernel
usb
vulnerability
memory allocation
security
patch
cve-2021-47170
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don’t WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn’t a bug in the kernel; it’s merely an invalid request from the user and the usbfs code does handle it correctly. In theory the same thing can happen with async transfers, or with the packet descriptor table for isochronous transfers. To prevent the MM subsystem from complaining about these bad allocation requests, add the __GFP_NOWARN flag to the kmalloc calls for these buffers.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |
| Debian | 11 | all | linux | < 5.10.46-1 | linux_5.10.46-1_all.deb |
| Debian | 999 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |
| Debian | 13 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |
Related
nvd
nvd
CVE-2021-47170
2024-03-25 10:15:08
cve
cve
CVE-2021-47170
2024-03-25 10:15:08
redhatcve
redhatcve
CVE-2021-47170
2024-03-25 17:54:06
ubuntucve
ubuntucve
CVE-2021-47170
2024-03-25 00:00:00
cvelist
cvelist
nessus
nessus
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1454-1)
2024-04-29 00:00:00
RHEL 6 : kernel (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 7 : kernel (Unpatched Vulnerability)
2024-05-11 00:00:00