CVE-2021-47642

Severity: High · CVSS 3.1 base score 7.8 · EPSS 17.6%
Published Feb 26, 2025
Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow

Coverity complains of a possible buffer overflow. However, given the 'static' scope of nvidia_setup_i2c_bus() it looks like that can't happen after examining the call sites.

CID 19036 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)
1. fixed_size_dest: You might overrun the 48-character fixed-size string chan->adapter.name by copying name without checking the length.
2. parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.
 89        strcpy(chan->adapter.name, name);

Fix this warning by using strscpy() which will silence the warning and prevent any future buffer overflows should the names used to identify the channel become much longer.
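The bounded copy the description refers to, as an added userspace example (not the kernel's code and not the patch itself). bounded_copy() is a hypothetical stand-in that models strscpy() semantics; struct demo_chan, its canary field and the sample names are constructed for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define ADAPTER_NAME_LEN 48 /* size Coverity reports for chan->adapter.name */

/* Constructed stand-in for the channel struct: a fixed-size name followed
 * by a field that an unbounded strcpy() of a long name would overwrite. */
struct demo_chan {
    char name[ADAPTER_NAME_LEN];
    unsigned int canary;
};

/* Hypothetical userspace model of strscpy() semantics: copy at most
 * size-1 bytes, always NUL-terminate, and return the copied length or
 * -E2BIG when the source did not fit (or size is 0). */
static long bounded_copy(char *dst, const char *src, size_t size)
{
    size_t len = 0;
    if (size == 0)
        return -E2BIG;
    while (len < size - 1 && src[len] != '\0') {
        dst[len] = src[len];
        len++;
    }
    dst[len] = '\0';
    return src[len] == '\0' ? (long)len : -E2BIG;
}

/* Bounded name assignment; the return value lets the caller detect truncation. */
static long demo_set_name(struct demo_chan *chan, const char *name)
{
    chan->canary = 0xC0FFEEu;
    return bounded_copy(chan->name, name, sizeof(chan->name));
}

int main(void)
{
    struct demo_chan chan;
    char long_name[80]; /* constructed over-long name: 79 'A' characters */
    long rc;
    memset(long_name, 'A', sizeof(long_name) - 1);
    long_name[sizeof(long_name) - 1] = '\0';
    rc = demo_set_name(&chan, "DEMO-BUS-0");
    printf("short name: rc=%ld name=%s\n", rc, chan.name);
    rc = demo_set_name(&chan, long_name);
    printf("long name:  rc=%ld len=%zu canary=%#x\n", rc, strlen(chan.name), chan.canary);
    return 0;
}
```

A negative return is the signal to log or reject the truncated name; the destination stays NUL-terminated and the adjacent field is untouched either way.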

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
17.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-787 Out-of-bounds Write Memory Safety

Affected Products 8

Vendor  Product       Version  Range
linux   linux_kernel  *        <4.9.311
linux   linux_kernel  *        ≥4.10 – <4.14.276
linux   linux_kernel  *        ≥4.15 – <4.19.238
linux   linux_kernel  *        ≥4.20 – <5.4.189
linux   linux_kernel  *        ≥5.5 – <5.10.110
linux   linux_kernel  *        ≥5.11 – <5.15.33
linux   linux_kernel  *        ≥5.16 – <5.16.19
linux   linux_kernel  *        ≥5.17 – <5.17.2

References 9

  • git.kernel.org https://git.kernel.org/stable/c/055cdd2e7b992921424d4daaa285ced787fb205f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/08dff482012758935c185532b1ad7d584785a86e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/37a1a2e6eeeb101285cd34e12e48a881524701aa
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/41baa86b6c802cdc6ab8ff2d46c083c9be93de81
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/47e5533adf118afaf06d25a3e2aaaab89371b1c5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/580e5d3815474b8349250c25c16416585a72c7fe
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6a5226e544ac043bb2d8dc1bfe8920d02282f7cd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/72dd5c46a152136712a55bf026a9aa8c1b12b60d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9ff2f7294ab0f011cd4d1b7dcd9a07d8fdf72834
    Patch