CVE-2021-28972

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-28972

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-28972.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-28972

Downstream

DEBIAN-CVE-2021-28972

DLA-2690-1

OESA-2021-1176

SUSE-SU-2021:1175-1

SUSE-SU-2021:1176-1

SUSE-SU-2021:1177-1

SUSE-SU-2021:1210-1

SUSE-SU-2021:1211-1

SUSE-SU-2021:1238-1

SUSE-SU-2021:14724-1

SUSE-SU-2021:1573-1

SUSE-SU-2021:1596-1

SUSE-SU-2021:1617-1

SUSE-SU-2021:1623-1

SUSE-SU-2021:1624-1

SUSE-SU-2021:1625-1

SUSE-SU-2021:1975-1

SUSE-SU-2021:1977-1

UBUNTU-CVE-2021-28972

USN-4948-1

USN-4979-1

USN-4982-1

USN-4984-1

USN-5299-1

USN-5343-1

openSUSE-SU-2021:0532-1

openSUSE-SU-2021:0758-1

openSUSE-SU-2021:1975-1

openSUSE-SU-2021:1977-1

Related

Published

2021-03-22T17:15:15Z

Modified

2025-08-09T20:01:28Z

Severity

6.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In drivers/pci/hotplug/rpadlparsysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because addslotstore and removeslotstore mishandle drcname '\0' termination, aka CID-cc7a0bb058b8.

References

Affected packages