CVE-2021-47548

CRITICAL EPSS 68.2%
Published May 24, 20242y ago · Modified Jun 17, 20262w ago
9.8 CVSS 3.1
Critical
Find Similar
Published May 24, 2024 2y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() The if statement: if (port >= DSAF_GE_NUM) return; limits the value of port less than DSAF_GE_NUM (i.e., 8). However, if the value of port is 6 or 7, an array overflow could occur: port_rst_off = dsaf_dev->mac_cb[port]->port_rst_off; because the length of dsaf_dev->mac_cb is DSAF_MAX_PORT_NUM (i.e., 6). To fix this possible array overflow, we first check port and if it is greater than or equal to DSAF_MAX_PORT_NUM, the function returns.

CVSS Details

Base Score
9.8
Exploitability
3.9
Impact
5.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
68.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-129

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel* <4.9.292
linuxlinux_kernel*≥4.10  –  <4.14.257
linuxlinux_kernel*≥4.15  –  <4.19.220
linuxlinux_kernel*≥4.20  –  <5.4.164
linuxlinux_kernel*≥5.5  –  <5.10.84
linuxlinux_kernel*≥5.11  –  <5.15.7
linuxlinux_kernel5.16any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/22519eff7df2d88adcc2568d86046ce1e2b52803
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/948968f8747650447c8f21c9fdba0e1973be040b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/99bb25cb6753beaf2c2bc37927c2ecc0ceff3f6d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a66998e0fbf213d47d02813b9679426129d0d114
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/abbd5faa0748d0aa95d5191d56ff7a17a6275bd1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dd07f8971b81ad98cc754b179b331b57f35aa1ff
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fc7ffa7f10b9454a86369405d9814bf141b30627
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/22519eff7df2d88adcc2568d86046ce1e2b52803
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/948968f8747650447c8f21c9fdba0e1973be040b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/99bb25cb6753beaf2c2bc37927c2ecc0ceff3f6d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a66998e0fbf213d47d02813b9679426129d0d114
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/abbd5faa0748d0aa95d5191d56ff7a17a6275bd1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dd07f8971b81ad98cc754b179b331b57f35aa1ff
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fc7ffa7f10b9454a86369405d9814bf141b30627
    Patch