PT-2021-5501 · Linux+9 · Linux Kernel+9

Brendan Dolan-Gavitt

·

Published

2021-11-13

·

Updated

2023-11-14

·

CVE-2021-43975

CVSS v2.0

6.8

Medium

VectorAV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.15.2
Description The issue is related to the function hw atl utils fw rpc wait in the Linux kernel, which allows an attacker to trigger an out-of-bounds write via a crafted length value. This can be exploited by introducing a crafted device, potentially leading to arbitrary code execution.
Recommendations For Linux kernel versions through 5.15.2, consider updating to a version newer than 5.15.2 to resolve the issue. As a temporary workaround, consider restricting access to the hw atl utils fw rpc wait function in the drivers/net/ethernet/aquantia/atlantic/hw atl/hw atl utils.c file until a patch is available.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2023:7077
ALT-PU-2021-3330
ALT-PU-2021-3358
ALT-PU-2021-3563
ALT-PU-2021-3573
ALT-PU-2021-3660
ALT-PU-2022-1240
ALT-PU-2022-1419
ALT-PU-2022-1421
ALT-PU-2023-1814
ALT-PU-2023-4894
AZL-6605
BDU:2021-06351
CESA-2023_6901
CESA-2023_7077
CVE-2021-43975
DLA-2941-1
DSA-5096-1
MGASA-2021-0574
MGASA-2021-0575
OESA-2021-1442
OPENSUSE-SU-2022:0056-1
OPENSUSE-SU-2022:0131-1
OPENSUSE-SU-2022:0366-1
OPENSUSE-SU-2022_0056-1
OPENSUSE-SU-2022_0131-1
OPENSUSE-SU-2022_0366-1
RHSA-2023:6901
RHSA-2023:7077
RHSA-2023_6901
RHSA-2023_7077
RHSA-2024:1188
RHSA-2024:1404
SUSE-SU-2022:0056-1
SUSE-SU-2022:0068-1
SUSE-SU-2022:0079-1
SUSE-SU-2022:0080-1
SUSE-SU-2022:0090-1
SUSE-SU-2022:0131-1
SUSE-SU-2022:0181-1
SUSE-SU-2022:0197-1
SUSE-SU-2022:0366-1
SUSE-SU-2022:0367-1
SUSE-SU-2022:0371-1
USN-5278-1
USN-5294-1
USN-5294-2
USN-5297-1
USN-5337-1
USN-5368-1
USN-5385-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu