Vulnerability Details : CVE-2021-42739

A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Vulnerability category: OverflowMemory Corruption

Published 2021-10-20 07:15:09

Updated 2022-11-07 19:04:12

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2021-42739

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 8 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2021-42739

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	nvd@nist.gov
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
6.7	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	0.8	5.9	nvd@nist.gov
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2021-42739

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-42739

https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ@mwanda/

[PATCH] media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() - Dan Carpenter
Patch;Vendor Advisory
https://www.starwindsoftware.com/security/sw-20220804-0001/

CVE-2021-42739 Linux kernel vulnerability in StarWind products
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1951739

1951739 – (CVE-2021-42739) CVE-2021-42739 kernel: Heap buffer overflow in firedtv driver
Issue Tracking;Mitigation;Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html

Oracle Critical Patch Update Advisory - July 2022
Patch;Third Party Advisory

CVEs referencing this url

Products affected by CVE-2021-42739

Debian » Debian Linux » Version: 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions up to, including, (<=) 5.14.13
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Oracle » Communications Cloud Native Core Policy » Version: 22.2.0
cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*
Matching versions
Oracle » Communications Cloud Native Core Binding Support Function » Version: 22.1.3
cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
Matching versions
Oracle » Communications Cloud Native Core Network Exposure Function » Version: 22.1.1
cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 33
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 34
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 35
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
Matching versions
Starwindsoftware » Starwind San & Nas » Version: V8r12
cpe:2.3:a:starwindsoftware:starwind_san_\&_nas:v8r12:*:*:*:*:*:*:*
Matching versions
Starwindsoftware » Starwind Virtual San » Version: V8r13 Update 14338
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8r13:14338:*:*:*:*:*:*
Matching versions