Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-47138

Опубликовано: 25 мар. 2024
Источник: nvd
CVSS3: 7.1
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

cxgb4: avoid accessing registers when clearing filters

Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these invalid values in the register can lead to out-of-bound memory access. So, fix by using the saved server TID base when clearing filters.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.2 (включая) до 5.4.124 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.5 (включая) до 5.10.42 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.11 (включая) до 5.12.9 (исключая)
cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*

EPSS

Процентиль: 3%
0.00016
Низкий

7.1 High

CVSS3

Дефекты

CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2021-47138

CVSS3: 7.1
ubuntu
почти 2 года назад

In the Linux kernel, the following vulnerability has been resolved: cxgb4: avoid accessing registers when clearing filters Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these invalid values in the register can lead to out-of-bound memory access. So, fix by using the saved server TID base when clearing filters.

redhat логотип

CVE-2021-47138

CVSS3: 6
redhat
почти 2 года назад

In the Linux kernel, the following vulnerability has been resolved: cxgb4: avoid accessing registers when clearing filters Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these invalid values in the register can lead to out-of-bound memory access. So, fix by using the saved server TID base when clearing filters.

debian логотип

CVE-2021-47138

CVSS3: 7.1
debian
почти 2 года назад

In the Linux kernel, the following vulnerability has been resolved: c ...

github логотип

GHSA-qjmm-w6cw-3hf3

CVSS3: 7.1
github
почти 2 года назад

In the Linux kernel, the following vulnerability has been resolved: cxgb4: avoid accessing registers when clearing filters Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these invalid values in the register can lead to out-of-bound memory access. So, fix by using the saved server TID base when clearing filters.

fstec логотип

BDU:2025-13697

CVSS3: 6
fstec
больше 4 лет назад

Уязвимость функции clear_all_filters() модуля drivers/net/ethernet/chelsio/cxgb4/cxgb4_filter.c - драйвера поддержки сетевых адаптеров Ethernet ядра операционной системы Linux, позволяющая нарушителю получить доступ к защищаемой информации или вызвать отказ в обслуживании.

EPSS

Процентиль: 3%
0.00016
Низкий

7.1 High

CVSS3

Дефекты

CWE-787