CVE-2021-47485

{"id": "CVE-2021-47485", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2024-05-22T09:15:10.503", "references": [{"url": "https://git.kernel.org/stable/c/0d4395477741608d123dad51def9fe50b7ebe952", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/0f8cdfff06829a0b0348b6debc29ff6a61967724", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/3f57c3f67fd93b4da86aeffea1ca32c484d054ad", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/60833707b968d5ae02a75edb7886dcd4a957cf0d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/73d2892148aa4397a885b4f4afcfc5b27a325c42", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/bda41654b6e0c125a624ca35d6d20beb8015b5d0", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c3e17e58f571f34c51aeb17274ed02c2ed5cf780", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d39bf40e55e666b5905fdbd46a0dced030ce87be", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/0d4395477741608d123dad51def9fe50b7ebe952", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/0f8cdfff06829a0b0348b6debc29ff6a61967724", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/3f57c3f67fd93b4da86aeffea1ca32c484d054ad", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/60833707b968d5ae02a75edb7886dcd4a957cf0d", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/73d2892148aa4397a885b4f4afcfc5b27a325c42", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/bda41654b6e0c125a624ca35d6d20beb8015b5d0", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/c3e17e58f571f34c51aeb17274ed02c2ed5cf780", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/d39bf40e55e666b5905fdbd46a0dced030ce87be", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields\n\nOverflowing either addrlimit or bytes_togo can allow userspace to trigger\na buffer overflow of kernel memory. Check for overflows in all the places\ndoing math on user controlled buffers."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: IB/qib: Protege contra el desbordamiento del b\u00fafer en los campos de struct qib_user_sdma_pkt. El desbordamiento de addrlimit o bytes_togo puede permitir que el espacio de usuario desencadene un desbordamiento del b\u00fafer de la memoria del kernel. Compruebe si hay desbordamientos en todos los lugares que realizan c\u00e1lculos en b\u00faferes controlados por el usuario."}], "lastModified": "2025-01-06T19:53:06.807", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3AEC86A-6474-4042-91D8-DD381C1F06DF", "versionEndExcluding": "4.4.292", "versionStartIncluding": "2.6.35"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85D8337A-4EA1-4787-85EA-4BF4328A9436", "versionEndExcluding": "4.9.290", "versionStartIncluding": "4.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "436BD498-0DB1-4290-9A36-A52CB11B3AC3", "versionEndExcluding": "4.14.255", "versionStartIncluding": "4.10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F384B60-1DBA-4E2B-9110-0087D95F30DB", "versionEndExcluding": "4.19.216", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FBCA21B-424F-4B7F-A9A8-FDD64FE6BD3B", "versionEndExcluding": "5.4.157", "versionStartIncluding": "4.20"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26EB7ED9-AEA3-4829-8B5E-08571262F72A", "versionEndExcluding": "5.10.77", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2681B950-4548-4649-A9E1-4124B59FC09C", "versionEndExcluding": "5.14.16", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF55383D-4DF2-45DC-93F7-571F4F978EAB"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E9481B2-8AA6-4CBD-B5D3-C10F51FF6D01"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBD45831-4B79-42BC-ABC0-86870F0DEA89"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "948A6B8D-1B72-4945-8680-354E53BE1C80"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}