Linux · Linux Kernel · CVE-2021-47547
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The issue is related to an out-of-bounds array access in the Linux kernel, specifically in the net: tulip: de4x5 component. The problem arises when the array 'lp->phy[8]' is accessed with an index that exceeds its bounds, potentially leading to a denial of service. The issue is caused by a logic error in the code, where the loop counter 'k' can reach a value of 8, resulting in an out-of-bounds access.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.