Veracode Vulnerability DatabaseVERACODE:34349Out-of-bounds Write
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
Linux kernel is vulnerable to Out-of-bounds Write attack. The vulnerability exist in hw_atl_utils.c file allows an attacker to trigger an out-of-bounds write via a crafted length value.
References
git://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2021-43975
git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=b922f622592af76b57cbc566eaeccda0b31a3496
lists.debian.org/debian-lts-announce/2022/03/msg00012.html
lists.fedoraproject.org/archives/list/[email protected]/message/X24M7KDC4OJOZNS3RDSYC7ELNELOLQ2N/
lists.fedoraproject.org/archives/list/[email protected]/message/YODMYMGZYDXQKGJGX7TJG4XV4L5YLLBD/
lore.kernel.org/netdev/163698540868.13805.17800408021782408762.git-patchwork-notify@kernel.org/T/
security.netapp.com/advisory/ntap-20211210-0001/
www.debian.org/security/2022/dsa-5096
Related
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P