PT-2021-8159 · Linux+5 · Linux Kernel+5

Published

2021-10-18

Updated

2025-05-28

CVE-2021-47219

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The vulnerability is related to an out-of-bound read in the resp report tgtpgs() function. It was observed running syzkaller, which reported a slab-out-of-bounds error in memcpy and sg copy buffer. The issue occurs when userspace passes a large length, resulting in a negative alen value. The vulnerability can be exploited to cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

BDU:2024-09177

CVE-2021-47219

OPENSUSE-SU-2024_1641-1

OPENSUSE-SU-2024_1644-1

OPENSUSE-SU-2024_1659-1

OPENSUSE-SU-2024_1663-1

OPENSUSE-SU-2024_2948-1

SUSE-SU-2024:1641-1

SUSE-SU-2024:1644-1

SUSE-SU-2024:1647-1

SUSE-SU-2024:1659-1

SUSE-SU-2024:1663-1

SUSE-SU-2024:2892-1

SUSE-SU-2024:2893-1

SUSE-SU-2024:2895-1

SUSE-SU-2024:2901-1

SUSE-SU-2024:2923-1

SUSE-SU-2024:2940-1

SUSE-SU-2024:2948-1

USN-7391-1

USN-7392-1

USN-7392-2

USN-7392-3

USN-7392-4

USN-7393-1

USN-7401-1

USN-7413-1

USN-7463-1

USN-7496-1

USN-7496-2

USN-7496-3

USN-7496-4

USN-7496-5

USN-7506-1

USN-7506-2

USN-7506-3

USN-7506-4

USN-7539-1

USN-7540-1

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

PT-2021-8159 · Linux+5 · Linux Kernel+5

CVE-2021-47219

Weakness Enumeration

Related Identifiers

Affected Products

References · 1470