CVE-2021-47275

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the bcache feature in the Linux kernel, specifically in the cache missing code path. A potential kernel panic can occur due to an oversized read request. The cached dev cache miss() function is called when a cache miss range is matched in the internal B+ tree, and the sectors parameter is used to calculate the size of the read request. However, the current calculation may generate an oversized value of sectors, leading to two potential kernel panics: one caused by BUG ON() inside bch btree insert key() and another caused by BUG() inside biovec slab(). The oversized sectors parameter can trigger these panics by causing an overflow in the bkey size calculation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.