CVE-2021-47348

CRITICAL · CVSS 3.1: 9.1 · EPSS 58.0%
Published May 21, 2024 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Avoid HDCP over-read and corruption

Instead of reading the desired 5 bytes of the actual target field, the code was reading 8. This could result in a corrupted value if the trailing 3 bytes were non-zero, so instead use an appropriately sized and zero-initialized bounce buffer, and read only 5 bytes before casting to u64.
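
The over-read and the bounce-buffer fix described above, as an added example that is not the kernel's own code. The message layout, offsets, function names and the bit-count consumer are assumptions made for illustration, and the sample bytes are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FIELD_OFF 4 /* hypothetical offset of the field in the message */
#define FIELD_LEN 5 /* the "desired 5 bytes" from the description */

/* Constructed samples: 4 header bytes, the 5-byte field (20 bits set),
 * then 3 neighbouring bytes that are zero in one message and not the other. */
static const uint8_t msg_clean[16] = { 0xAA, 0xAA, 0xAA, 0xAA,
	0x0F, 0xF0, 0x33, 0xCC, 0x55, 0x00, 0x00, 0x00 };
static const uint8_t msg_dirty[16] = { 0xAA, 0xAA, 0xAA, 0xAA,
	0x0F, 0xF0, 0x33, 0xCC, 0x55, 0xDE, 0xAD, 0x01 };

/* Pre-fix pattern: copies sizeof(uint64_t) == 8 bytes from a 5-byte field,
 * so the 3 bytes that follow the field end up in the value. */
static uint64_t read_field_overread(const uint8_t *msg)
{
	uint64_t n = 0;
	memcpy(&n, msg + FIELD_OFF, sizeof(n));
	return n;
}

/* Fixed pattern: zero-initialized bounce buffer the size of the result,
 * filled with exactly FIELD_LEN bytes before conversion to a 64-bit value. */
static uint64_t read_field_bounded(const uint8_t *msg)
{
	uint8_t bounce[sizeof(uint64_t)] = { 0 };
	uint64_t n;
	memcpy(bounce, msg + FIELD_OFF, FIELD_LEN);
	memcpy(&n, bounce, sizeof(n)); /* memcpy instead of a pointer cast */
	return n;
}

/* Illustrative consumer (assumption): counts set bits in the value. */
static int bits_set(uint64_t n)
{
	int count = 0;
	for (; n; n &= n - 1)
		count++;
	return count;
}

int main(void)
{
	printf("over-read: clean=%d dirty=%d bits\n",
	       bits_set(read_field_overread(msg_clean)), bits_set(read_field_overread(msg_dirty)));
	printf("bounded:   clean=%d dirty=%d bits\n",
	       bits_set(read_field_bounded(msg_clean)), bits_set(read_field_bounded(msg_dirty)));
	return 0;
}
```

The over-read only looks correct while the bytes after the field are zero, which is why this class of bug can pass testing and still corrupt the value on other inputs.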

CVSS Details

Base Score: 9.1
Exploitability: 3.9
Impact: 5.2
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability: 58.0% percentile
Exploit & Patch Status: No Known Exploit; Patch Available

Weaknesses 1

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer (Memory Safety)

Affected Products 3

Vendor  Product       Version  Range
linux   linux_kernel  *        <5.10.51
linux   linux_kernel  *        ≥5.11 – <5.12.18
linux   linux_kernel  *        ≥5.13 – <5.13.3

References 4

  • git.kernel.org https://git.kernel.org/stable/c/06888d571b513cbfc0b41949948def6cb81021b2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3b2b93a485fb7a970bc8b5daef16f4cf579d172f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/44c7c901cb368a9f2493748f213b247b5872639f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c5b518f4b98dbb2bc31b6a55e6aaa1e0e2948f2e
    Patch
