CVE-2021-47586

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-47586
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47586.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-47586
Related
Published
2024-06-19T15:15:53Z
Modified
2024-11-06T20:35:03Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net: stmmac: dwmac-rk: fix oob read in rkgmacsetup

KASAN reports an out-of-bounds read in rkgmacsetup on the line:

while (ops->regs[i]) {

This happens for most platforms since the regs flexible array member is empty, so the memory after the ops structure is being read here. It seems that mostly this happens to contain zero anyway, so we get lucky and everything still works.

To avoid adding redundant data to nearly all the ops structures, add a new flag to indicate whether the regs field is valid and avoid this loop when it is not.

References

Affected packages

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.15-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.15-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}