CVE-2021-28971

Опубликовано: 22 мар. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 4.9

EPSS Низкий

Описание

In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.

Ссылки

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d88d05a9e0b6d9356e97129d4ff9942d765f46ea
Mailing List
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTRNPQTZ4GVS46SZ4OBXY5YDOGVPSTGQ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/
https://security.netapp.com/advisory/ntap-20210430-0003/
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d88d05a9e0b6d9356e97129d4ff9942d765f46ea
Mailing List
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTRNPQTZ4GVS46SZ4OBXY5YDOGVPSTGQ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/
https://security.netapp.com/advisory/ntap-20210430-0003/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 5.11.8 (включая)

Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Конфигурация 3

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*

cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*

Конфигурация 5

Одновременно

cpe:2.3:o:netapp:aff_a250_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_a250:-:*:*:*:*:*:*:*

Конфигурация 6

Одновременно

cpe:2.3:o:netapp:aff_500f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_500f:-:*:*:*:*:*:*:*

EPSS

Процентиль: 5%

0.00024

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-755

Связанные уязвимости

CVE-2021-28971

CVSS3: 5.5

ubuntu

около 4 лет назад

CVE-2021-28971

CVSS3: 4.7

redhat

около 4 лет назад

CVE-2021-28971

CVSS3: 5.5

msrc

около 4 лет назад

Описание отсутствует

CVE-2021-28971

CVSS3: 5.5

debian

около 4 лет назад

In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux ...

GHSA-xjrj-6839-jg74

CVSS3: 5.5

github

около 3 лет назад

EPSS

Процентиль: 5%

0.00024

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-755