Vulnerability-Lookup

BDU:2024-10498

Vulnerability from fstec - Published: 30.10.2021

Title

Уязвимость компонента dt9812 ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальной информации

Description

Уязвимость компонента dt9812 ядра операционной системы Linux связана с недостаточной защитой служебных данных. Эксплуатация уязвимости может позволить нарушителю получить доступ к конфиденциальной информации

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Vendor

Canonical Ltd., Сообщество свободного программного обеспечения, ООО «Ред Софт»

Software Name

Ubuntu, Debian GNU/Linux, РЕД ОС (запись в едином реестре российских программ №3751), Linux

Software Version

14.04 LTS (Ubuntu), 16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 10 (Debian GNU/Linux), 20.04 LTS (Ubuntu), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (РЕД ОС), от 4.5 до 4.9.289 включительно (Linux), от 4.10 до 4.14.254 включительно (Linux), от 4.15 до 4.19.216 включительно (Linux), от 4.20 до 5.4.158 включительно (Linux), от 5.5 до 5.10.78 включительно (Linux), от 5.11 до 5.14.17 включительно (Linux), от 5.15 до 5.15.1 включительно (Linux), от 2.6.29 до 4.4.291 включительно (Linux)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Linux: https://lore.kernel.org/linux-cve-announce/2024052236-CVE-2021-47477-955e@gregkh/T/ Для РедоС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/ Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/cve-2021-47477 Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2021-47477 Для Ubuntu: https://ubuntu.com/security/CVE-2021-47477

Reference

https://access.redhat.com/security/cve/cve-2021-47477 https://git.kernel.org/linus/536de747bc48262225889a533db6650731ab25d3 https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e_x0001_ https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2 https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2_x0001_ https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3 https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3_x0001_ https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed_x0001_ https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe_x0001_ https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3 https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3_x0001_ https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6 https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6_x0001_ https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97 https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97_x0001_ https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723 https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723_x0001_ https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.255 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.217 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.292 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.290 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.79 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.18 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.2 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.159 https://lore.kernel.org/linux-cve-announce/2024052236-CVE-2021-47477-955e@gregkh/ https://lore.kernel.org/linux-cve-announce/2024052236-CVE-2021-47477-955e@gregkh/T/ https://redos.red-soft.ru/support/secure/ https://security-tracker.debian.org/tracker/CVE-2021-47477 https://ubuntu.com/security/CVE-2021-47477 https://www.cve.org/CVERecord?id=CVE-2021-47477

CWE

CWE-200

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:N/A:P",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "14.04 LTS (Ubuntu), 16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 10 (Debian GNU/Linux), 20.04 LTS (Ubuntu), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), \u043e\u0442 4.5 \u0434\u043e 4.9.289 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.10 \u0434\u043e 4.14.254 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.15 \u0434\u043e 4.19.216 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.20 \u0434\u043e 5.4.158 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.5 \u0434\u043e 5.10.78 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.11 \u0434\u043e 5.14.17 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.15 \u0434\u043e 5.15.1 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 2.6.29 \u0434\u043e 4.4.291 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://lore.kernel.org/linux-cve-announce/2024052236-CVE-2021-47477-955e@gregkh/T/\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u043e\u0421: \nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2021-47477\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2021-47477\n\n\u0414\u043b\u044f Ubuntu:\nhttps://ubuntu.com/security/CVE-2021-47477",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "30.10.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.01.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "02.12.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-10498",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-47477",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Debian GNU/Linux, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 14.04 LTS , Canonical Ltd. Ubuntu 16.04 LTS , Canonical Ltd. Ubuntu 18.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Canonical Ltd. Ubuntu 20.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux 5.16 rc1 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 2.6.29 \u0434\u043e 4.14.255 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 2.6.29 \u0434\u043e 4.19.217 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 2.6.29 \u0434\u043e 4.4.292 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 2.6.29 \u0434\u043e 4.9.290 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 2.6.29 \u0434\u043e 5.10.79 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 2.6.29 \u0434\u043e 5.14.18 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 2.6.29 \u0434\u043e 5.15.2 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 2.6.29 \u0434\u043e 5.4.159 ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 dt9812 \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CWE-200)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 dt9812 \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u043e\u0439 \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0431\u043e\u0440 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://access.redhat.com/security/cve/cve-2021-47477\nhttps://git.kernel.org/linus/536de747bc48262225889a533db6650731ab25d3\nhttps://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e\nhttps://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e_x0001_\nhttps://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2\nhttps://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2_x0001_\nhttps://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3\nhttps://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3_x0001_\nhttps://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed\nhttps://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed_x0001_\nhttps://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe\nhttps://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe_x0001_\nhttps://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3\nhttps://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3_x0001_\nhttps://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6\nhttps://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6_x0001_\nhttps://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97\nhttps://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97_x0001_\nhttps://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723\nhttps://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723_x0001_\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.255\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.217\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.292\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.290\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.79\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.18\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.2\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.159\nhttps://lore.kernel.org/linux-cve-announce/2024052236-CVE-2021-47477-955e@gregkh/\nhttps://lore.kernel.org/linux-cve-announce/2024052236-CVE-2021-47477-955e@gregkh/T/\nhttps://redos.red-soft.ru/support/secure/\nhttps://security-tracker.debian.org/tracker/CVE-2021-47477\nhttps://ubuntu.com/security/CVE-2021-47477\nhttps://www.cve.org/CVERecord?id=CVE-2021-47477",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-200",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,2)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,3)\n\u041d\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 4.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 0)"
}

CVE-2021-47477 (GCVE-0-2021-47477)

Vulnerability from cvelistv5 – Published: 2024-05-22 08:19 – Updated: 2025-05-04 07:11

Title

comedi: dt9812: fix DMA buffers on stack

Summary

In the Linux kernel, the following vulnerability has been resolved: comedi: dt9812: fix DMA buffers on stack USB transfer buffers are typically mapped for DMA and must not be allocated on the stack or transfers will fail. Allocate proper transfer buffers in the various command helpers and return an error on short transfers instead of acting on random stack data. Note that this also fixes a stack info leak on systems where DMA is not used as 32 bytes are always sent to the device regardless of how short the command is.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-noinfo Not enough information

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/a6af69768d5cb4b25…
	https://git.kernel.org/stable/c/365a346cda82f51d8…
	https://git.kernel.org/stable/c/8a52bc480992c7c9d…
	https://git.kernel.org/stable/c/39ea61037ae78f14f…
	https://git.kernel.org/stable/c/3efb7af8ac437085b…
	https://git.kernel.org/stable/c/786f5b03450454557…
	https://git.kernel.org/stable/c/3ac273d154d634e20…
	https://git.kernel.org/stable/c/20cebb8b620dc987e…
	https://git.kernel.org/stable/c/536de747bc4826222…

Impacted products

Vendor

Product

Version

Linux

Affected: 63274cd7d38a3322d90b66a5bc976de1fb899051 , < a6af69768d5cb4b2528946d53be5fa19ade37723 (git)
Affected: 63274cd7d38a3322d90b66a5bc976de1fb899051 , < 365a346cda82f51d835c49136a00a9df8a78c7f2 (git)
Affected: 63274cd7d38a3322d90b66a5bc976de1fb899051 , < 8a52bc480992c7c9da3ebfea456af731f50a4b97 (git)
Affected: 63274cd7d38a3322d90b66a5bc976de1fb899051 , < 39ea61037ae78f14fa121228dd962ea3280eacf3 (git)
Affected: 63274cd7d38a3322d90b66a5bc976de1fb899051 , < 3efb7af8ac437085b6c776e5b54830b149d86efe (git)
Affected: 63274cd7d38a3322d90b66a5bc976de1fb899051 , < 786f5b03450454557ff858a8bead5d7c0cbf78d6 (git)
Affected: 63274cd7d38a3322d90b66a5bc976de1fb899051 , < 3ac273d154d634e2034508a14db82a95d7ad12ed (git)
Affected: 63274cd7d38a3322d90b66a5bc976de1fb899051 , < 20cebb8b620dc987e55ddc46801de986e081757e (git)
Affected: 63274cd7d38a3322d90b66a5bc976de1fb899051 , < 536de747bc48262225889a533db6650731ab25d3 (git)

Linux

Affected: 2.6.29
Unaffected: 0 , < 2.6.29 (semver)
Unaffected: 4.4.292 , ≤ 4.4.* (semver)
Unaffected: 4.9.290 , ≤ 4.9.* (semver)
Unaffected: 4.14.255 , ≤ 4.14.* (semver)
Unaffected: 4.19.217 , ≤ 4.19.* (semver)
Unaffected: 5.4.159 , ≤ 5.4.* (semver)
Unaffected: 5.10.79 , ≤ 5.10.* (semver)
Unaffected: 5.14.18 , ≤ 5.14.* (semver)
Unaffected: 5.15.2 , ≤ 5.15.* (semver)
Unaffected: 5.16 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47477",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T15:50:06.158354Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T19:35:17.051Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.539Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/comedi/drivers/dt9812.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a6af69768d5cb4b2528946d53be5fa19ade37723",
              "status": "affected",
              "version": "63274cd7d38a3322d90b66a5bc976de1fb899051",
              "versionType": "git"
            },
            {
              "lessThan": "365a346cda82f51d835c49136a00a9df8a78c7f2",
              "status": "affected",
              "version": "63274cd7d38a3322d90b66a5bc976de1fb899051",
              "versionType": "git"
            },
            {
              "lessThan": "8a52bc480992c7c9da3ebfea456af731f50a4b97",
              "status": "affected",
              "version": "63274cd7d38a3322d90b66a5bc976de1fb899051",
              "versionType": "git"
            },
            {
              "lessThan": "39ea61037ae78f14fa121228dd962ea3280eacf3",
              "status": "affected",
              "version": "63274cd7d38a3322d90b66a5bc976de1fb899051",
              "versionType": "git"
            },
            {
              "lessThan": "3efb7af8ac437085b6c776e5b54830b149d86efe",
              "status": "affected",
              "version": "63274cd7d38a3322d90b66a5bc976de1fb899051",
              "versionType": "git"
            },
            {
              "lessThan": "786f5b03450454557ff858a8bead5d7c0cbf78d6",
              "status": "affected",
              "version": "63274cd7d38a3322d90b66a5bc976de1fb899051",
              "versionType": "git"
            },
            {
              "lessThan": "3ac273d154d634e2034508a14db82a95d7ad12ed",
              "status": "affected",
              "version": "63274cd7d38a3322d90b66a5bc976de1fb899051",
              "versionType": "git"
            },
            {
              "lessThan": "20cebb8b620dc987e55ddc46801de986e081757e",
              "status": "affected",
              "version": "63274cd7d38a3322d90b66a5bc976de1fb899051",
              "versionType": "git"
            },
            {
              "lessThan": "536de747bc48262225889a533db6650731ab25d3",
              "status": "affected",
              "version": "63274cd7d38a3322d90b66a5bc976de1fb899051",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/comedi/drivers/dt9812.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.29"
            },
            {
              "lessThan": "2.6.29",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.292",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.255",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.217",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.159",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.79",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.4.292",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.290",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.255",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.217",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.159",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.79",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.14.18",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.2",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.16",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: dt9812: fix DMA buffers on stack\n\nUSB transfer buffers are typically mapped for DMA and must not be\nallocated on the stack or transfers will fail.\n\nAllocate proper transfer buffers in the various command helpers and\nreturn an error on short transfers instead of acting on random stack\ndata.\n\nNote that this also fixes a stack info leak on systems where DMA is not\nused as 32 bytes are always sent to the device regardless of how short\nthe command is."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T07:11:51.469Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723"
        },
        {
          "url": "https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2"
        },
        {
          "url": "https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97"
        },
        {
          "url": "https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3"
        },
        {
          "url": "https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe"
        },
        {
          "url": "https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6"
        },
        {
          "url": "https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed"
        },
        {
          "url": "https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e"
        },
        {
          "url": "https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3"
        }
      ],
      "title": "comedi: dt9812: fix DMA buffers on stack",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47477",
    "datePublished": "2024-05-22T08:19:30.860Z",
    "dateReserved": "2024-05-22T06:20:56.200Z",
    "dateUpdated": "2025-05-04T07:11:51.469Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2024-10498

CVE-2021-47477 (GCVE-0-2021-47477)

Tags

Sightings

Nomenclature