CVE-2021-47495: usbnet: sanity check for maxpacket
In the Linux kernel, the following vulnerability has been resolved:
usbnet: sanity check for maxpacket
maxpacket of 0 makes no sense and oopses as we need to divide by it. Give up.
V2: fixed typo in log and stylistic issues
Other sources
In the Linux kernel, the following vulnerability has been resolved:
usbnet: sanity check for maxpacket
The Linux kernel CVE team has assigned CVE-2021-47495 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024052242-CVE-2021-47495-a5f8@gregkh/T
— Red Hat
Linux Kernel is vulnerable to a denial of service, caused by the lack of a sanity check for maxpacket. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
— IBM
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of CVE-2021-47495?
CVE-2021-47495 is classified as a high severity vulnerability within the Linux kernel.
How do I fix CVE-2021-47495?
To fix CVE-2021-47495, upgrade your Linux kernel to versions 4.4.291, 4.9.289, 4.14.254, 4.19.215, 5.4.157, 5.10.77, 5.14.16, or 5.15 depending on your system.
What impact does CVE-2021-47495 have on my system?
CVE-2021-47495 could cause a kernel panic due to invalid maxpacket handling in the USB network driver.
Which systems are affected by CVE-2021-47495?
CVE-2021-47495 affects various Linux distributions using the specified vulnerable kernel versions.
Is CVE-2021-47495 a remote or local vulnerability?
CVE-2021-47495 is considered a local vulnerability as it requires local access to the affected system to trigger the issue.