PT-2024-11157 · Linux+2 · Linux Kernel+2

Leon Romanovsky · Published 2021-05-10 · Updated 2024-12-09 · CVE-2021-47080

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.13.0-rc1+

Description

A user can trigger a divide-by-zero error in the Linux kernel. The user-supplied user_entry_size value is used as the denominator when calculating the number of entries, so a supplied value of zero triggers a divide-by-zero error. The error occurs in the ib_uverbs_handler_UVERBS_METHOD_QUERY_GID_TABLE function.

Recommendations

To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. As a temporary workaround, consider restricting access to the ib_uverbs_handler_UVERBS_METHOD_QUERY_GID_TABLE function until a patch is available. Avoid using the user_entry_size parameter with a value of zero in the affected API endpoint until the issue is resolved.
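
The pattern described above, as an added user-space model in C that is not the kernel's own code: a caller-controlled entry size is checked for zero before it is used as a denominator. The names struct gid_entry and query_gid_table and the sample table are hypothetical and constructed for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for one GID table entry; not the kernel's struct. */
struct gid_entry {
    uint8_t  gid[16];
    uint32_t gid_index;
    uint32_t port_num;
};

/* Model of a handler that fills a caller buffer with table entries.
 * out_len and user_entry_size are caller-controlled.
 * Returns the number of entries written, or a negative errno. */
long query_gid_table(void *out, size_t out_len, size_t user_entry_size,
                     const struct gid_entry *table, size_t table_len)
{
    /* The guard: reject zero before it is used as a denominator. */
    if (user_entry_size == 0)
        return -EINVAL;

    /* Safe now: how many caller-sized slots fit in the buffer. */
    size_t max_entries = out_len / user_entry_size;
    size_t n = table_len < max_entries ? table_len : max_entries;
    size_t copy = user_entry_size < sizeof(*table) ? user_entry_size
                                                   : sizeof(*table);

    for (size_t i = 0; i < n; i++) {
        uint8_t *slot = (uint8_t *)out + i * user_entry_size;
        memcpy(slot, &table[i], copy);
        /* Zero the tail when the caller's slot is larger than an entry. */
        memset(slot + copy, 0, user_entry_size - copy);
    }
    return (long)n;
}

int main(void)
{
    /* Constructed sample table. */
    struct gid_entry table[3] = {{{0}, 0, 1}, {{0}, 1, 1}, {{0}, 2, 1}};
    uint8_t buf[64];

    printf("entry_size=0  -> %ld\n", query_gid_table(buf, sizeof buf, 0, table, 3));
    printf("entry_size=24 -> %ld\n", query_gid_table(buf, sizeof buf, 24, table, 3));
    printf("entry_size=32 -> %ld\n", query_gid_table(buf, sizeof buf, 32, table, 3));
    return 0;
}
```

Without the zero check, the first call would reach the division with a zero denominator, which is the condition the description reports.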

Fix

Divide By Zero

Weakness Enumeration

Related Identifiers

BDU:2025-07268
CESA-2021_4356
CVE-2021-47080
RHSA-2021:4356
RHSA-2021_4356

Affected Products

Centos
Linux Kernel
Red Hat