PT-2021-6205 · Linux+3 · Linux Kernel+3

Wenqing Liu · Published 2021-12-22 · Updated 2023-08-14 · CVE-2021-45469

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions through 5.15.11

Description

The issue arises from an out-of-bounds memory access in the f2fs setxattr function in fs/f2fs/xattr.c when an inode has an invalid last xattr entry. This can potentially impact the confidentiality, integrity, and availability of protected information.

Recommendations

For Linux kernel versions through 5.15.11, update to a version later than 5.15.11 to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific issue.

Exploit

Fix

Out of bounds Read

Weakness Enumeration

Related Identifiers

ALT-PU-2021-3644
ALT-PU-2022-1015
ALT-PU-2022-1016
ALT-PU-2022-1026
ALT-PU-2022-1051
ALT-PU-2022-1240
ALT-PU-2022-1419
ALT-PU-2022-1421
ALT-PU-2023-1814
ALT-PU-2023-4894
AZL-7073
BDU:2022-01121
CVE-2021-45469
DLA-2941-1
DSA-5050-1
DSA-5096-1
MGASA-2021-0588
OESA-2022-1484
USN-5343-1
USN-5377-1

Affected Products

Alt Linux
Astra Linux
Linux Kernel
Ubuntu