Vulnerability Details : CVE-2021-28972

In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8.
Publish Date : 2021-03-22 Last Update Date : 2022-06-03

Collapse All Expand All Select Select&Copy	Scroll To Vendor Statements(0) Additional Vendor Data(0) OVAL Definitions(0) Vulnerable Products(0) # Of Vulns By Products References(0) Metasploit Modules(0)	Comments View User Comments Add Comment	External Links Secunia Advisories XForce Advisories Vulnerability Details at NVD Vulnerability Details at Mitre Nessus Plugins Linux Kernel Git Repository First CVSS Guide
Search Twitter Search YouTube Search Google

- CVSS Scores & Vulnerability Types

CVSS Score	7.2
Confidentiality Impact	Complete (There is total information disclosure, resulting in all system files being revealed.)
Integrity Impact	Complete (There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability Impact	Complete (There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.)
Access Complexity	Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication	Not required (Authentication is not required to exploit the vulnerability.)
Gained Access	None
Vulnerability Type(s)	Overflow
CWE ID	120

- Products Affected By CVE-2021-28972

#	Product Type	Vendor	Product	Version	Update	Edition	Language
1	OS	Fedoraproject	Fedora	32	*	*	*	Version Details Vulnerabilities
2	OS	Fedoraproject	Fedora	33	*	*	*	Version Details Vulnerabilities
3	OS	Fedoraproject	Fedora	34	*	*	*	Version Details Vulnerabilities
4	OS	Linux	Linux Kernel	*	*	*	*	Version Details Vulnerabilities
5	Application	Netapp	Cloud Backup	-	*	*	*	Version Details Vulnerabilities
6	Application	Netapp	Fas\/aff Baseboard Management Controller	-	*	*	*	Version Details Vulnerabilities
7	OS	Netapp	Solidfire Baseboard Management Controller Firmware	-	*	*	*	Version Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor	Product	Vulnerable Versions
Fedoraproject	Fedora	3
Linux	Linux Kernel	1
Netapp	Cloud Backup	1
Netapp	Fas\/aff Baseboard Management Controller	1
Netapp	Solidfire Baseboard Management Controller Firmware	1

- References For CVE-2021-28972

https://security.netapp.com/advisory/ntap-20210430-0003/ CONFIRM

https://lists.fedoraproject.org/archives/list/[email protected]/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/
FEDORA FEDORA-2021-9503fffad9

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678

https://lists.fedoraproject.org/archives/list/[email protected]/message/PTRNPQTZ4GVS46SZ4OBXY5YDOGVPSTGQ/
FEDORA FEDORA-2021-e636ce53df

https://lists.fedoraproject.org/archives/list/[email protected]/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/
FEDORA FEDORA-2021-68b0dd2373

- Metasploit Modules Related To CVE-2021-28972

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)