In the Linux kernel, the following vulnerability has been resolved: asix:
fix uninit-value in asix_mdio_read() asix_read_cmd() may read less than
sizeof(smsr) bytes and in this case smsr will be uninitialized. Fail log:
BUG: KMSAN: uninit-value in asix_check_host_enable
drivers/net/usb/asix_common.c:82 [inline] BUG: KMSAN: uninit-value in
asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline]
drivers/net/usb/asix_common.c:497 BUG: KMSAN: uninit-value in
asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497
drivers/net/usb/asix_common.c:497 asix_check_host_enable
drivers/net/usb/asix_common.c:82 [inline] asix_check_host_enable
drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497
asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497
drivers/net/usb/asix_common.c:497
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-bluefield | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-gcp | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-gkeop | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-ibm | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-iot | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-kvm | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-oracle | < any | UNKNOWN |
git.kernel.org/linus/8035b1a2a37a29d8c717ef84fca8fe7278bc9f03 (5.16-rc7)
git.kernel.org/stable/c/8035b1a2a37a29d8c717ef84fca8fe7278bc9f03
git.kernel.org/stable/c/d259f621c85949f30cc578cac813b82bb5169f56
launchpad.net/bugs/cve/CVE-2021-47101
nvd.nist.gov/vuln/detail/CVE-2021-47101
security-tracker.debian.org/tracker/CVE-2021-47101
www.cve.org/CVERecord?id=CVE-2021-47101