Debian Security Bug TrackerDEBIANCVE:CVE-2021-47348CVE-2021-47348
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
15.5%
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid HDCP over-read and corruption Instead of reading the desired 5 bytes of the actual target field, the code was reading 8. This could result in a corrupted value if the trailing 3 bytes were non-zero, so instead use an appropriately sized and zero-initialized bounce buffer, and read only 5 bytes before casting to u64.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |
| Debian | 11 | all | linux | < 5.10.70-1 | linux_5.10.70-1_all.deb |
| Debian | 999 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |
| Debian | 13 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
15.5%