PT-2024-11230 · Linux+3 · Linux Kernel+3
Lin
+2
·
Published
2021-06-16
·
Updated
2024-05-21
·
CVE-2021-47221
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is related to the SLUB redzoning feature in the Linux kernel, which checks for corruption from
s->object size instead of s->inuse. This can cause the freelist pointer to be written beyond s->object size when the object size is less than 24, corrupting the redzone. The problem is visible when using "slub debug=ZF". The kernel adjusts the offset to stay within s->object size to resolve the issue. No caches in this size range are known to exist in the kernel currently.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Astra Linux
Centos
Linux Kernel
Red Hat