Google Git
Sign in
kernel / pub / scm / linux / security / vulns / refs/heads/sasha-cve / . / cve / published / 2021 / CVE-2021-47137.json
blob: bca7279b16b51824b0be83e99f51ddd21117d805 [file] [log] [blame]
{
"containers": {
"cna": {
"providerMetadata": {
"orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
},
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lantiq: fix memory corruption in RX ring\n\nIn a situation where memory allocation or dma mapping fails, an\ninvalid address is programmed into the descriptor. This can lead\nto memory corruption. If the memory allocation fails, DMA should\nreuse the previous skb and mapping and drop the packet. This patch\nalso increments rx drop counter."
}
],
"affected": [
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/ethernet/lantiq_xrx200.c"
],
"versions": [
{
"version": "fe1a56420cf2ec28c8eceef672b87de0bbe1a260",
"lessThan": "8bb1077448d43a871ed667520763e3b9f9b7975d",
"status": "affected",
"versionType": "git"
},
{
"version": "fe1a56420cf2ec28c8eceef672b87de0bbe1a260",
"lessThan": "5ac72351655f8b033a2935646f53b7465c903418",
"status": "affected",
"versionType": "git"
},
{
"version": "fe1a56420cf2ec28c8eceef672b87de0bbe1a260",
"lessThan": "46dd4abced3cb2c912916f4a5353e0927db0c4a2",
"status": "affected",
"versionType": "git"
},
{
"version": "fe1a56420cf2ec28c8eceef672b87de0bbe1a260",
"lessThan": "c7718ee96dbc2f9c5fc3b578abdf296dd44b9c20",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/ethernet/lantiq_xrx200.c"
],
"versions": [
{
"version": "4.20",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.20",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.124",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.42",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.12.9",
"lessThanOrEqual": "5.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.13",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.124"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.10.42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.12.9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.13"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/8bb1077448d43a871ed667520763e3b9f9b7975d"
},
{
"url": "https://git.kernel.org/stable/c/5ac72351655f8b033a2935646f53b7465c903418"
},
{
"url": "https://git.kernel.org/stable/c/46dd4abced3cb2c912916f4a5353e0927db0c4a2"
},
{
"url": "https://git.kernel.org/stable/c/c7718ee96dbc2f9c5fc3b578abdf296dd44b9c20"
}
],
"title": "net: lantiq: fix memory corruption in RX ring",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
"cveID": "CVE-2021-47137",
"requesterUserId": "gregkh@kernel.org",
"serial": "1",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0"
}