Google Git
Sign in
kernel / pub / scm / linux / security / vulns / refs/heads/sasha-cve / . / cve / published / 2021 / CVE-2021-47086.json
blob: 6b669a3023881eef01f8d2ff3cd4a6dcd09f355b [file] [log] [blame]
{
"containers": {
"cna": {
"providerMetadata": {
"orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
},
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphonet/pep: refuse to enable an unbound pipe\n\nThis ioctl() implicitly assumed that the socket was already bound to\na valid local socket name, i.e. Phonet object. If the socket was not\nbound, two separate problems would occur:\n\n1) We'd send an pipe enablement request with an invalid source object.\n2) Later socket calls could BUG on the socket unexpectedly being\n connected yet not bound to a valid object."
}
],
"affected": [
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"net/phonet/pep.c"
],
"versions": [
{
"version": "bdb6e697b2a76c541960b86ab8fda88f3de1adf2",
"lessThan": "0bbdd62ce9d44f3a22059b3d20a0df977d9f6d59",
"status": "affected",
"versionType": "git"
},
{
"version": "bdb6e697b2a76c541960b86ab8fda88f3de1adf2",
"lessThan": "b10c7d745615a092a50c2e03ce70446d2bec2aca",
"status": "affected",
"versionType": "git"
},
{
"version": "bdb6e697b2a76c541960b86ab8fda88f3de1adf2",
"lessThan": "311601f114859d586d5ef8833d60d3aa23282161",
"status": "affected",
"versionType": "git"
},
{
"version": "bdb6e697b2a76c541960b86ab8fda88f3de1adf2",
"lessThan": "982b6ba1ce626ef87e5c29f26f2401897554f235",
"status": "affected",
"versionType": "git"
},
{
"version": "bdb6e697b2a76c541960b86ab8fda88f3de1adf2",
"lessThan": "48c76fc53582e7f13c1e0b11c916e503256c4d0b",
"status": "affected",
"versionType": "git"
},
{
"version": "bdb6e697b2a76c541960b86ab8fda88f3de1adf2",
"lessThan": "52ad5da8e316fa11e3a50b3f089aa63e4089bf52",
"status": "affected",
"versionType": "git"
},
{
"version": "bdb6e697b2a76c541960b86ab8fda88f3de1adf2",
"lessThan": "53ccdc73eedaf0e922c45b569b797d2796fbaafa",
"status": "affected",
"versionType": "git"
},
{
"version": "bdb6e697b2a76c541960b86ab8fda88f3de1adf2",
"lessThan": "75a2f31520095600f650597c0ac41f48b5ba0068",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"net/phonet/pep.c"
],
"versions": [
{
"version": "3.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.3",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.4.297",
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.9.295",
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.260",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.223",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.169",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.89",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.12",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.16",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "4.4.297"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "4.9.295"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "4.14.260"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "4.19.223"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "5.4.169"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "5.10.89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "5.15.12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "5.16"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0bbdd62ce9d44f3a22059b3d20a0df977d9f6d59"
},
{
"url": "https://git.kernel.org/stable/c/b10c7d745615a092a50c2e03ce70446d2bec2aca"
},
{
"url": "https://git.kernel.org/stable/c/311601f114859d586d5ef8833d60d3aa23282161"
},
{
"url": "https://git.kernel.org/stable/c/982b6ba1ce626ef87e5c29f26f2401897554f235"
},
{
"url": "https://git.kernel.org/stable/c/48c76fc53582e7f13c1e0b11c916e503256c4d0b"
},
{
"url": "https://git.kernel.org/stable/c/52ad5da8e316fa11e3a50b3f089aa63e4089bf52"
},
{
"url": "https://git.kernel.org/stable/c/53ccdc73eedaf0e922c45b569b797d2796fbaafa"
},
{
"url": "https://git.kernel.org/stable/c/75a2f31520095600f650597c0ac41f48b5ba0068"
}
],
"title": "phonet/pep: refuse to enable an unbound pipe",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
"cveID": "CVE-2021-47086",
"requesterUserId": "gregkh@kernel.org",
"serial": "1",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0"
}