CVE-2021-42739

Source
Severity Medium
Remote No
Type Privilege escalation
Description
The firewire subsystem in the Linux kernel before version 5.15.1 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-2540 | linux-hardened | 5.14.16.hardened1-1 | 5.14.17.hardened1-1 | Medium | Fixed | |
| AVG-2532 | linux-lts | 5.10.77-3 | 5.10.78-1 | Medium | Fixed | |
| AVG-2531 | linux-zen | 5.15.zen1-1 | 5.15.1.zen1-1 | Medium | Fixed | |
| AVG-2530 | linux | 5.15.arch1-1 | 5.15.1.arch1-1 | Medium | Fixed | |
References
https://www.openwall.com/lists/oss-security/2021/04/20/1
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.1&id=cb667140875a3b1db92e4c50b4617a7cbf84659b
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.14.17&id=02a476ca886dc8155025fe99cbbad4121d029fa7
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.78&id=d7fc85f6104259541ec136199d3bf7c8a736613d