CVE-2021-43389

Опубликовано: 04 нояб. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.

Ссылки

http://www.openwall.com/lists/oss-security/2021/11/05/1
Mailing List
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2013180
Issue Tracking
Patch
Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15
Mailing List
Release Notes
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d
Mailing List
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
Mailing List
Third Party Advisory
https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA%40mail.gmail.com/
https://seclists.org/oss-sec/2021/q4/39
Exploit
Mailing List
Third Party Advisory
https://www.debian.org/security/2022/dsa-5096
Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/11/05/1
Mailing List
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2013180
Issue Tracking
Patch
Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15
Mailing List
Release Notes
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d
Mailing List
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
Mailing List
Third Party Advisory
https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA%40mail.gmail.com/
https://seclists.org/oss-sec/2021/q4/39
Exploit
Mailing List
Third Party Advisory
https://www.debian.org/security/2022/dsa-5096
Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 5.14.15 (исключая)

Конфигурация 2

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 0%

0.00008

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2021-43389

CVSS3: 5.5

ubuntu

больше 3 лет назад

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.

CVE-2021-43389

CVSS3: 5.5

redhat

почти 4 года назад

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.

CVE-2021-43389

CVSS3: 5.5

msrc

больше 3 лет назад

Описание отсутствует

CVE-2021-43389

CVSS3: 5.5

debian

больше 3 лет назад

An issue was discovered in the Linux kernel before 5.14.15. There is a ...

GHSA-7pcx-9wjr-42p4

CVSS3: 5.5

github

около 3 лет назад

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.

EPSS

Процентиль: 0%

0.00008

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-125