PT-2025-7944 · Linux+3 · Linux Kernel+3

Brendan Dolan-Gavitt

Published

2022-01-12

Updated

2026-02-04

CVE-2021-47633

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.6.0

Description A bug was found in the Linux kernel during fuzzing, specifically in the ath5k eeprom read pcal info 5111 function. The issue arises when none of the curves are selected in the loop, causing the idx variable to exceed the bounds of the AR5K EEPROM N PD CURVES array. This leads to an out-of-bounds access and subsequent writes using the pd variable. A sanity check for idx has been added to resolve the issue.

Recommendations For Linux kernel versions prior to 5.6.0, consider applying the provided patch that adds a sanity check for idx in the ath5k eeprom read pcal info 5111 function to prevent out-of-bounds access. As a temporary workaround, restricting access to the vulnerable function or module may help minimize the risk of exploitation. However, since the patch is not tested with a real device, caution should be exercised when applying it.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

BDU:2026-02250

CVE-2021-47633

OESA-2025-1370

OPENSUSE-SU-2025_0855-1

SUSE-SU-2025:0855-1

SUSE-SU-2025:0867-1

SUSE-SU-2025:0983-1

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1293-1

SUSE-SU-2025_0855-1

SUSE-SU-2025_0983-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1293-1

SUSE-SU-2026:0385-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2025-7944 · Linux+3 · Linux Kernel+3

CVE-2021-47633

Weakness Enumeration

Related Identifiers

Affected Products

References · 1593