Lucene search

MitreCVE-2021-28972

HistoryMar 22, 2021 - 5:15 p.m.

CVE-2021-28972

2021-03-2217:15:15

CWE-120

mitre

web.nvd.nist.gov

222

cve-2021

vulnerability

buffer overflow

linux kernel

rpa pci hotplug driver

nvd

security

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

19.0%

JSON

In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name ‘\0’ termination, aka CID-cc7a0bb058b8.

Affected configurations

Nvd

Node

linuxlinux_kernelRange<4.4.263

linuxlinux_kernelRange4.5–4.9.263

linuxlinux_kernelRange4.10–4.14.227

linuxlinux_kernelRange4.15–4.19.183

linuxlinux_kernelRange4.20–5.4.108

linuxlinux_kernelRange5.5.0–5.10.26

linuxlinux_kernelRange5.11–5.11.9

Node

fedoraprojectfedoraMatch32

fedoraprojectfedoraMatch33

fedoraprojectfedoraMatch34

Node

netappcloud_backupMatch-

netappfas\/aff_baseboard_management_controllerMatch-

netappsolidfire_baseboard_management_controller_firmwareMatch-

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
fedoraprojectfedora32cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
fedoraprojectfedora33cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
fedoraprojectfedora34cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
netappcloud_backup-cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
netappfas\/aff_baseboard_management_controller-cpe:2.3:a:netapp:fas\/aff_baseboard_management_controller:-:*:*:*:*:*:*:*
netappsolidfire_baseboard_management_controller_firmware-cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
fedoraproject	fedora	32	cpe:2.3:o:fedoraproject:fedora:32:::::::*
fedoraproject	fedora	33	cpe:2.3:o:fedoraproject:fedora:33:::::::*
fedoraproject	fedora	34	cpe:2.3:o:fedoraproject:fedora:34:::::::*
netapp	cloud_backup	-	cpe:2.3:a:netapp:cloud_backup:-:::::::*
netapp	fas\/aff_baseboard_management_controller	-	cpe:2.3:a:netapp:fas\/aff_baseboard_management_controller:-:::::::*
netapp	solidfire_baseboard_management_controller_firmware	-	cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:::::::*