CVE-2021-47548: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()
In the Linux kernel, the following vulnerability has been resolved:
ethernet: hisilicon: hns: hnsdsafmisc: fix a possible array overflow in hnsdsafgesrstbyport()
The if statement: if (port >= DSAFGENUM) return;
limits the value of port less than DSAFGENUM (i.e., 8). However, if the value of port is 6 or 7, an array overflow could occur: portrstoff = dsafdev->maccb[port]->portrstoff;
because the length of dsafdev->maccb is DSAFMAXPORTNUM (i.e., 6).
To fix this possible array overflow, we first check port and if it is greater than or equal to DSAFMAXPORTNUM, the function returns.
Other sources
In the Linux kernel, the following vulnerability has been resolved:
ethernet: hisilicon: hns: hnsdsafmisc: fix a possible array overflow in hnsdsafgesrstbyport()
The Linux kernel CVE team has assigned CVE-2021-47548 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024052441-CVE-2021-47548-e9c0@gregkh/T
— Red Hat
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of CVE-2021-47548?
CVE-2021-47548 is categorized as a medium severity vulnerability affecting the Linux kernel.
How do I fix CVE-2021-47548?
To resolve CVE-2021-47548, you should upgrade the Linux kernel to version 4.9.292, 4.14.257, 4.19.220, 5.4.164, 5.10.84, 5.15.7, or 5.16.
Which versions of the Linux kernel are affected by CVE-2021-47548?
CVE-2021-47548 affects Linux kernel versions prior to 4.9.292, 4.14.257, 4.19.220, 5.4.164, 5.10.84, 5.15.7, and 5.16.
What component of the Linux kernel is impacted by CVE-2021-47548?
CVE-2021-47548 impacts the Ethernet handling subsystem, specifically the hisilicon hns driver in the Linux kernel.
Can CVE-2021-47548 lead to system exploitation?
Yes, CVE-2021-47548 may lead to an array overflow which could potentially be exploited by an attacker to cause denial of service or other vulnerabilities.