In the Linux kernel, the following vulnerability has been resolved:
net: dsa: fix a crash if ->get_sset_count() fails
If ds->ops->get_sset_count() fails then it "count" is a negative error
code such as -EOPNOTSUPP. Because "i" is an unsigned int, the negative
error code is type promoted to a very high value and the loop will
corrupt memory until the system crashes.
Fix this by checking for error codes and changing the type of "i" to
just int.
Metrics
Affected Vendors & Products
References
History
Wed, 11 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 11 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-03-25T09:16:13.815Z
Updated: 2024-12-19T07:36:17.964Z
Reserved: 2024-03-25T09:12:14.109Z
Link: CVE-2021-47159
Vulnrichment
Updated: 2024-08-04T05:24:39.963Z
NVD
Status : Awaiting Analysis
Published: 2024-03-25T10:15:08.330
Modified: 2024-11-21T06:35:31.290
Link: CVE-2021-47159
Redhat