CVE-2021-3896 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Arbitrary code execution
Description	In the Linux kernel before version 5.14.15, there is an array-index-out-bounds bug in detach_capi_ctr in drivers/isdn/capi/kcapi.c. During this process, the kernel thread would call detach_capi_ctr() to detach a register controller. if the controller was not attached yet, detach_capi_ctr() would trigger an array-index-out-bounds bug.

Group	Package	Affected	Fixed	Severity	Status
AVG-2500	linux-lts	5.10.75-1	5.10.76-1	Medium	Fixed
AVG-2499	linux-hardened	5.14.14.hardened1-1	5.14.16.hardened1-1	High	Fixed
AVG-2498	linux-zen	5.14.14.zen1-1	5.14.15.zen1-1	Medium	Fixed
AVG-2497	linux	5.14.14.arch1-1	5.14.15.arch1-1	Medium	Fixed

References
https://www.openwall.com/lists/oss-security/2021/10/19/1 https://bugzilla.redhat.com/show_bug.cgi?id=2013180 https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.14.15&id=cc20226e218a2375d50dd9ac14fb4121b43375ff https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.76&id=7f221ccbee4ec662e2292d490a43ce6c314c4594

References

https://www.openwall.com/lists/oss-security/2021/10/19/1
https://bugzilla.redhat.com/show_bug.cgi?id=2013180
https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.14.15&id=cc20226e218a2375d50dd9ac14fb4121b43375ff
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.76&id=7f221ccbee4ec662e2292d490a43ce6c314c4594