Lucene search
GoogleOSV:CVE-2021-47605HistoryJun 19, 2024 - 3:15 p.m.
CVE-2021-47605
2024-06-1915:15:55
Google
osv.dev
3
linux kernel
memory corruption
vduse_dev_ioctl
out of bounds
u32
software
AI Score
9.3
Confidence
High
In the Linux kernel, the following vulnerability has been resolved:
vduse: fix memory corruption in vduse_dev_ioctl()
The “config.offset” comes from the user. There needs to a check to
prevent it being out of bounds. The “config.offset” and
“dev->config_size” variables are both type u32. So if the offset if
out of bounds then the “dev->config_size - config.offset” subtraction
results in a very high u32 value. The out of bounds offset can result
in memory corruption.
Related
vulnrichment
vulnrichment
CVE-2021-47605 vduse: fix memory corruption in vduse_dev_ioctl()
2024-06-19 14:54:04
debiancve
debiancve
CVE-2021-47605
2024-06-19 15:15:55
cvelist
cvelist
CVE-2021-47605 vduse: fix memory corruption in vduse_dev_ioctl()
2024-06-19 14:54:04
redhatcve
redhatcve
CVE-2021-47605
2024-06-20 10:55:30
ubuntucve
ubuntucve
CVE-2021-47605
2024-06-19 00:00:00
cve
cve
CVE-2021-47605
2024-06-19 15:15:55
nvd
nvd
CVE-2021-47605
2024-06-19 15:15:55
osv
osv
UBUNTU-CVE-2021-47605
2024-06-19 15:15:00
Security update for the Linux Kernel
2024-07-10 16:03:48
Security update for the Linux Kernel
2024-07-09 15:03:45
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2394-1)
2024-07-11 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2372-1)
2024-07-10 00:00:00
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:2372-1)
2024-07-12 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:2394-1)
2024-07-12 00:00:00