PT-2021-8196 · Linux+2 · Linux Kernel+2

James Wang

Published

2021-06-08

Updated

2024-07-03

CVE-2021-47274

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.19 LTS

Description The issue is related to a memory corruption problem in the Linux kernel, specifically in the tracing subsystem. It causes severe kernel crashes due to memory corruption. The problem is due to an out-of-bound access in the ftrace buffer. A fix has been added to protect against trace data overflow, but it may not prevent the overflow entirely. The length check should also consider the size of entry->array[0] to prevent additional space occupation and risk of overflow.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-125

Related Identifiers

BDU:2024-10598

CVE-2021-47274

OPENSUSE-SU-2024_2185-1

SUSE-SU-2024:1979-1

SUSE-SU-2024:1983-1

SUSE-SU-2024:2010-1

SUSE-SU-2024:2183-1

SUSE-SU-2024:2184-1

SUSE-SU-2024:2185-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2021-8196 · Linux+2 · Linux Kernel+2

CVE-2021-47274

Weakness Enumeration

Related Identifiers

Affected Products

References · 674