CVE-2021-47336 : In the Linux kernel, the following vulnerability has been resolved: smackfs: re

In the Linux kernel, the following vulnerability has been resolved: smackfs: restrict bytes count in smk_set_cipso() Oops, I failed to update subject line. From 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001 Date: Mon, 12 Apr 2021 22:25:06 +0900 Subject: [PATCH] smackfs: restrict bytes count in smk_set_cipso() Commit 7ef4c19d245f3dc2 ("smackfs: restrict bytes count in smackfs write functions") missed that count > SMK_CIPSOMAX check applies to only format == SMK_FIXED24_FMT case.

Published 2024-05-21 14:35:46

Updated 2025-05-12 19:58:43

Source Linux

View at NVD, CVE.org

Products affected by CVE-2021-47336

Linux » Linux Kernel
Versions from including (>=) 4.20 and before (<) 5.4.133
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.11 and before (<) 5.12.18
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.13 and before (<) 5.13.3
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.5 and before (<) 5.10.51
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.15 and before (<) 4.19.198
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions before (<) 4.9.276
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.10 and before (<) 4.14.240
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-47336

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 10 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-47336

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST	2025-05-12
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2021-47336

https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766

smackfs: restrict bytes count in smk_set_cipso() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d

smackfs: restrict bytes count in smk_set_cipso() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0

smackfs: restrict bytes count in smk_set_cipso() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca

smackfs: restrict bytes count in smk_set_cipso() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd

smackfs: restrict bytes count in smk_set_cipso() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6

smackfs: restrict bytes count in smk_set_cipso() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b

smackfs: restrict bytes count in smk_set_cipso() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2

smackfs: restrict bytes count in smk_set_cipso() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch

Jump to

Vulnerability Details : CVE-2021-47336

Products affected by CVE-2021-47336

Exploit prediction scoring system (EPSS) score for CVE-2021-47336

CVSS scores for CVE-2021-47336

References for CVE-2021-47336