PT-2024-11188 · Linux+2 · Linux Kernel+2

Raju Rangoju

Published

2021-05-19

Updated

2024-08-19

CVE-2021-47138

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue arises when the hardware register containing the server TID base holds invalid values, which can occur when the adapter is in a bad state, such as after an AER fatal error. Reading these invalid values can lead to out-of-bound memory access. The fix involves using the saved server TID base when clearing filters.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

BDU:2025-13697

CVE-2021-47138

OPENSUSE-SU-2024_1489-1

RHSA-2024:6297

SUSE-SU-2024:1454-1

SUSE-SU-2024:1465-1

SUSE-SU-2024:1489-1

SUSE-SU-2024:1643-1

SUSE-SU-2024:1646-1

SUSE-SU-2024:1870-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2024-11188 · Linux+2 · Linux Kernel+2

CVE-2021-47138

Weakness Enumeration

Related Identifiers

Affected Products

References · 612