CVE-2021-28660 - log back

CVE-2021-28660 edited at 17 Mar 2021 18:22:24
Severity
- Unknown
+ High
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base.
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.7&id=1cdd069f7080acf6370250853c1211890f4ff38f
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.24&id=d972a516958dee489911d9f57ee7a177834ef248
CVE-2021-28660 created at 17 Mar 2021 18:21:05
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes