Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net: lantiq: fix memory corruption in RX ring In a situation where memory allocation or dma mapping fails, an invalid address is programmed into the descriptor. This can lead to memory corruption. If the memory allocation fails, DMA should reuse the previous skb and mapping and drop the packet. This patch also increments rx drop counter.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.20, < 5.4.124 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/46dd4abced3cb2c912916f4a5353e0927db0c4a2Patch
- https://git.kernel.org/stable/c/5ac72351655f8b033a2935646f53b7465c903418Patch
- https://git.kernel.org/stable/c/8bb1077448d43a871ed667520763e3b9f9b7975dPatch
- https://git.kernel.org/stable/c/c7718ee96dbc2f9c5fc3b578abdf296dd44b9c20Patch
- https://git.kernel.org/stable/c/46dd4abced3cb2c912916f4a5353e0927db0c4a2Patch
- https://git.kernel.org/stable/c/5ac72351655f8b033a2935646f53b7465c903418Patch
- https://git.kernel.org/stable/c/8bb1077448d43a871ed667520763e3b9f9b7975dPatch
- https://git.kernel.org/stable/c/c7718ee96dbc2f9c5fc3b578abdf296dd44b9c20Patch
FAQ
What is CVE-2021-47137?
CVE-2021-47137 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: net: lantiq: fix memory corruption in RX ring In a situation where memory allocation or dma mapping fails, an invalid address is p...
How severe is CVE-2021-47137?
CVE-2021-47137 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-47137?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.