Vulnerability Details : CVE-2021-47137
In the Linux kernel, the following vulnerability has been resolved:
net: lantiq: fix memory corruption in RX ring
In a situation where memory allocation or dma mapping fails, an
invalid address is programmed into the descriptor. This can lead
to memory corruption. If the memory allocation fails, DMA should
reuse the previous skb and mapping and drop the packet. This patch
also increments rx drop counter.
Vulnerability category: Memory Corruption
Products affected by CVE-2021-47137
Please log in to view affected product information.
Exploit prediction scoring system (EPSS) score for CVE-2021-47137
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 15 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-47137
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2024-11-05 |
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
N/A
|
N/A
|
RedHat-CVE-2021-47137 | 2024-03-25 |
CWE ids for CVE-2021-47137
-
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
References for CVE-2021-47137
-
https://git.kernel.org/stable/c/8bb1077448d43a871ed667520763e3b9f9b7975d
net: lantiq: fix memory corruption in RX ring - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/5ac72351655f8b033a2935646f53b7465c903418
net: lantiq: fix memory corruption in RX ring - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/46dd4abced3cb2c912916f4a5353e0927db0c4a2
net: lantiq: fix memory corruption in RX ring - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/c7718ee96dbc2f9c5fc3b578abdf296dd44b9c20
net: lantiq: fix memory corruption in RX ring - kernel/git/stable/linux.git - Linux kernel stable tree
Jump to