LinuxVULNRICHMENT:CVE-2021-47101CVE-2021-47101 asix: fix uninit-value in asix_mdio_read()
In the Linux kernel, the following vulnerability has been resolved:
asix: fix uninit-value in asix_mdio_read()
asix_read_cmd() may read less than sizeof(smsr) bytes and in this case
smsr will be uninitialized.
Fail log:
BUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline]
BUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497
BUG: KMSAN: uninit-value in asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497
asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline]
asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497
asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497
CNA Affected
[
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "d9fe64e51114",
"lessThan": "d259f621c859",
"versionType": "git"
},
{
"status": "affected",
"version": "d9fe64e51114",
"lessThan": "8035b1a2a37a",
"versionType": "git"
}
],
"programFiles": [
"drivers/net/usb/asix_common.c"
],
"defaultStatus": "unaffected"
},
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "4.9"
},
{
"status": "unaffected",
"version": "0",
"lessThan": "4.9",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.15.12",
"versionType": "custom",
"lessThanOrEqual": "5.15.*"
},
{
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix",
"lessThanOrEqual": "*"
}
],
"programFiles": [
"drivers/net/usb/asix_common.c"
],
"defaultStatus": "affected"
}
]Related
AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial