Lucene search

[email protected]NVD:CVE-2021-43976

HistoryNov 17, 2021 - 5:15 p.m.

CVE-2021-43976

2021-11-1717:15:08

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

50.2%

JSON

In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

Affected configurations

NVD

Node

linuxlinux_kernelRange≤5.15.2

Node

fedoraprojectfedoraMatch34

fedoraprojectfedoraMatch35

Node

debiandebian_linuxMatch9.0

debiandebian_linuxMatch10.0

debiandebian_linuxMatch11.0

Node

netappcloud_backupMatch-

Node

netapph300s_firmwareMatch-

AND

netapph300sMatch-

Node

netapph500s_firmwareMatch-

AND

netapph500sMatch-

Node

netapph700s_firmwareMatch-

AND

netapph700sMatch-

Node

netapph300e_firmwareMatch-

AND

netapph300eMatch-

Node

netapph500e_firmwareMatch-

AND

netapph500eMatch-

Node

netapph700e_firmwareMatch-

AND

netapph700eMatch-

Node

netapph410sMatch-

AND

netapph410s_firmwareMatch-

Node

netapph410c_firmwareMatch-

AND

netapph410cMatch-

Node

oraclecommunications_cloud_native_core_binding_support_functionMatch22.1.3

oraclecommunications_cloud_native_core_network_exposure_functionMatch22.1.1

oraclecommunications_cloud_native_core_policyMatch22.2.0

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04d80663f67ccef893061b49ec8a42ff7045ae84

lists.debian.org/debian-lts-announce/2022/03/msg00011.html

lists.debian.org/debian-lts-announce/2022/03/msg00012.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X24M7KDC4OJOZNS3RDSYC7ELNELOLQ2N/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YODMYMGZYDXQKGJGX7TJG4XV4L5YLLBD/

patchwork.kernel.org/project/linux-wireless/patch/YX4CqjfRcTa6bVL+%40Zekuns-MBP-16.fios-router.home/

security.netapp.com/advisory/ntap-20211210-0001/

www.debian.org/security/2022/dsa-5092

www.debian.org/security/2022/dsa-5096

www.oracle.com/security-alerts/cpujul2022.html

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

50.2%

JSON

Related for NVD:CVE-2021-43976

cnvd1 veracode1 cbl_mariner2 cvelist1 cve1 nessus38 redhatcve1 debiancve1 prion1 ubuntucve1 fedora6 openvas33 osv13 ubuntu6 cloudfoundry2 debian4 photon1 suse3 oraclelinux2 slackware1 rocky2 almalinux1 redhat7 oracle1