DEBIAN-CVE-2021-47297
- Source
- https://security-tracker.debian.org/tracker/CVE-2021-47297
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2021-47297.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2021-47297
- Upstream
- Published
- 2024-05-21T15:15:17.553Z
- Modified
- 2026-03-11T07:33:51.740636Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: net: fix uninit-value in caifseqpktsendmsg When nrsegs equal to zero in iovecfromuser, the object msg->msgiter.iov is uninit stack memory in caifseqpktsendmsg which is defined in ___syssendmsg. So we cann't just judge msg->msgiter.iov->base directlly. We can use nrsegs to judge msg in caifseqpktsendmsg whether has data buffers. ===================================================== BUG: KMSAN: uninit-value in caifseqpktsendmsg+0x693/0xf60 net/caif/caifsocket.c:542 Call Trace: __dumpstack lib/dumpstack.c:77 [inline] dumpstack+0x1c9/0x220 lib/dumpstack.c:118 kmsanreport+0xf7/0x1e0 mm/kmsan/kmsanreport.c:118 __msanwarning+0x58/0xa0 mm/kmsan/kmsaninstr.c:215 caifseqpktsendmsg+0x693/0xf60 net/caif/caifsocket.c:542 socksendmsgnosec net/socket.c:652 [inline] socksendmsg net/socket.c:672 [inline] ____sys_sendmsg+0x12b6/0x1350 net/socket.c:2343 ___sys_sendmsg net/socket.c:2397 [inline] __sys_sendmmsg+0x808/0xc90 net/socket.c:2480 __compatsyssendmmsg net/compat.c:656 [inline]
- References
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source