In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
07 Nov 2023, 03:32
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
03 Jun 2022, 13:28
Type | Values Removed | Values Added |
---|---|---|
First Time |
Netapp
Netapp cloud Backup Netapp solidfire Baseboard Management Controller Firmware Netapp fas\/aff Baseboard Management Controller |
|
CPE | cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:fas\/aff_baseboard_management_controller:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20210430-0003/ - Third Party Advisory |
30 Apr 2021, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
20 Apr 2021, 13:42
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 6.7 |
30 Mar 2021, 17:49
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/ - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* |
29 Mar 2021, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 Mar 2021, 20:15
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CWE | CWE-120 | |
CWE | CWE-120 | |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
CWE | CWE-120 | |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
CWE | CWE-120 | |
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CWE | CWE-120 | |
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CWE | CWE-120 | |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CWE | CWE-120 | |
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
CWE | CWE-120 | |
CWE | CWE-120 | |
CWE | CWE-120 | |
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CWE | CWE-120 | |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CWE | CWE-120 | |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CWE | CWE-120 | |
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
References |
|
|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678 - Mailing List, Patch, Vendor Advisory | |
CWE | CWE-120 | |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CWE | CWE-120 | |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
26 Mar 2021, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
22 Mar 2021, 17:49
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
References |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
CWE | ||
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
CWE | ||
References |
|
|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
References |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
CWE | ||
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
CWE | ||
References |
|
|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
References |
|
|
CWE | ||
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
CWE | ||
References |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CWE | ||
References |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
New CVE | ||
References |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
CWE | ||
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CWE | ||
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
References |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
References |
|
|
CWE | ||
References |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
CWE | ||
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
References |
|
|
CWE | ||
References |
|
|
CWE | ||
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
CWE | ||
References |
|
|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
Information
Published : 2021-03-22 17:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-28972
Mitre link : CVE-2021-28972
CVE.ORG link : CVE-2021-28972
JSON object : View
Products Affected
netapp
- solidfire_baseboard_management_controller_firmware
- fas\/aff_baseboard_management_controller
- cloud_backup
fedoraproject
- fedora
linux
- linux_kernel
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')