rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2022/11/18/1 | Third Party Advisory |
http://www.openwall.com/lists/oss-security/2022/11/21/2 | Third Party Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=74b6b20df8cfe90ada777d621b54c32e69e27cd7 | Mailing List Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJPVQZPY3DHPV5I3IVNMSMO6D3PKZISX/ | |
https://security.netapp.com/advisory/ntap-20210507-0008/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
History
09 Nov 2023, 14:44
Type | Values Removed | Values Added |
---|---|---|
First Time |
Netapp h700e Firmware
Netapp h500s Firmware Netapp h500e Netapp h700s Firmware Netapp h300e Netapp h300s Firmware Netapp h500s Netapp h300e Firmware Netapp h700s Netapp h410s Netapp h500e Firmware Netapp h700e Netapp h300s Netapp h410s Firmware |
|
CPE | cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h300e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h700e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:*:*:*:*:*:*:* |
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:* |
07 Nov 2023, 03:32
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
19 Jan 2023, 16:04
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) http://www.openwall.com/lists/oss-security/2022/11/18/1 - Third Party Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2022/11/21/2 - Third Party Advisory |
21 Nov 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Nov 2022, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 Sep 2022, 03:54
Type | Values Removed | Values Added |
---|---|---|
First Time |
Netapp baseboard Management Controller H700s Firmware
Netapp cloud Backup Netapp baseboard Management Controller H700e Netapp baseboard Management Controller H300e Netapp baseboard Management Controller H500e Firmware Netapp baseboard Management Controller H500e Debian Netapp baseboard Management Controller H700s Netapp baseboard Management Controller H300e Firmware Netapp baseboard Management Controller H700e Firmware Netapp baseboard Management Controller H410s Firmware Netapp baseboard Management Controller H300s Netapp Netapp solidfire Baseboard Management Controller Firmware Netapp baseboard Management Controller H500s Netapp baseboard Management Controller H410s Debian debian Linux Netapp solidfire Baseboard Management Controller Netapp baseboard Management Controller H300s Firmware Netapp baseboard Management Controller H500s Firmware |
|
CVSS |
v2 : v3 : |
v2 : 8.3
v3 : 8.8 |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20210507-0008/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h300e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h500e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h700e_firmware:-:*:*:*:*:*:*:* |
23 Jun 2021, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
31 Mar 2021, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
24 Mar 2021, 01:28
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=74b6b20df8cfe90ada777d621b54c32e69e27cd7 - Mailing List, Patch, Vendor Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJPVQZPY3DHPV5I3IVNMSMO6D3PKZISX/ - Mailing List, Third Party Advisory | |
CWE | CWE-787 | |
CPE | cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
20 Mar 2021, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
17 Mar 2021, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-03-17 15:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-28660
Mitre link : CVE-2021-28660
CVE.ORG link : CVE-2021-28660
JSON object : View
Products Affected
netapp
- h700s_firmware
- h700e
- h700e_firmware
- h700s
- h300s_firmware
- cloud_backup
- solidfire_baseboard_management_controller_firmware
- h300s
- h300e
- h500e_firmware
- h500s
- h410s
- h410s_firmware
- h300e_firmware
- h500s_firmware
- h500e
- solidfire_baseboard_management_controller
debian
- debian_linux
linux
- linux_kernel
fedoraproject
- fedora
CWE
CWE-787
Out-of-bounds Write