PT-2024-11248 · Linux+2 · Linux Kernel+2
Syzbot
·
Published
2021-06-14
·
Updated
2025-06-18
·
CVE-2021-47240
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is related to a slab-out-of-bounds read in the
qrtr endpoint post function. The problem occurs when the size from qrtr hdr is set to 4294967293 (0xfffffffd), causing the ALIGN(size, 4) function to return 0. This can lead to an out-of-bounds read from the data buffer, which is allocated with a size of hdrlen. The issue is caused by a wrong size type in the if (len != ALIGN(size, 4) + hdrlen) check.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
Suse