416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2021-47055

HistoryFeb 29, 2024 - 11:15 p.m.

CVE-2021-47055

2024-02-2923:15:07

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux kernel

mtd module

write permissions

badblock

vulnerability

memlock

memunlock

otplock

memsetbadblock

spi-nor

flashes

write-once

otplock

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.2%

JSON

In the Linux kernel, the following vulnerability has been resolved:

mtd: require write permissions for locking and badblock ioctls

MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require
write permission. Depending on the hardware MEMLOCK might even be
write-once, e.g. for SPI-NOR flashes with their WP# tied to GND. OTPLOCK
is always write-once.

MEMSETBADBLOCK modifies the bad block table.

References

git.kernel.org/stable/c/077259f5e777c3c8821f6b41dee709fcda27306b

git.kernel.org/stable/c/1e97743fd180981bef5f01402342bb54bf1c6366

git.kernel.org/stable/c/5880afefe0cb9b2d5e801816acd58bfe91a96981

git.kernel.org/stable/c/75ed985bd6c8ac1d4e673e93ea9d96c9908c1d37

git.kernel.org/stable/c/7b6552719c0ccbbea29dde4be141da54fdb5877e

git.kernel.org/stable/c/9625b00cac6630479c0ff4b9fafa88bee636e1f0

git.kernel.org/stable/c/a08799d3e8c8088640956237c183f83463c39668

git.kernel.org/stable/c/f4d28d8b9b0e7c4ae04214b8d7e0b0466ec6bcaf

git.kernel.org/stable/c/f73b29819c6314c0ba8b7d5892dfb03487424bee