CVE-2021-43975 - log back

CVE-2021-43975 edited at 08 Dec 2021 11:31:38
Description
- In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
+ In the Linux kernel before version 5.15.7, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
References
https://lore.kernel.org/netdev/163698540868.13805.17800408021782408762.git-patchwork-notify@kernel.org/T/
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b922f622592af76b57cbc566eaeccda0b31a3496
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.7&id=cec49b6dfdb0b9fefd0f17c32014223f73ee2605
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.84&id=2c514d25003ac89bb7716bb4402918ccb141f8f5
CVE-2021-43975 edited at 25 Nov 2021 22:07:41
References
https://lore.kernel.org/netdev/163698540868.13805.17800408021782408762.git-patchwork-notify@kernel.org/T/
- https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=b922f622592af76b57cbc566eaeccda0b31a3496
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b922f622592af76b57cbc566eaeccda0b31a3496
CVE-2021-43975 edited at 17 Nov 2021 19:27:15
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
References
+ https://lore.kernel.org/netdev/163698540868.13805.17800408021782408762.git-patchwork-notify@kernel.org/T/
+ https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=b922f622592af76b57cbc566eaeccda0b31a3496
CVE-2021-43975 created at 17 Nov 2021 19:25:49
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes