CVE-2021-47251

HIGH

Linux Kernel 5.10-5.10.46 - Improper Validation of Specified Quantity in Input

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: mac80211: fix skb length check in ieee80211_scan_rx() Replace hard-coded compile-time constants for header length check with dynamic determination based on the frame type. Otherwise, we hit a validation WARN_ON in cfg80211 later. [style fixes, reword commit message]

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/5a1cd67a801cf5ef989c4783e07b86a25b143126

Patch

https://git.kernel.org/stable/c/d1b949c70206178b12027f66edc088d40375b5cb

Patch

https://git.kernel.org/stable/c/e298aa358f0ca658406d524b6639fe389cb6e11e

Scores

CVSS v3 7.8

EPSS 0.0023

EPSS Percentile 13.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-1284

Status published

Products (10)

Linux/Linux < 5.10

Linux/Linux 5.10

Linux/Linux 5.10.46 - 5.10.*

Linux/Linux 5.12.13 - 5.12.*

Linux/Linux 5.13

Linux/Linux cd418ba63f0c2f6157f35a41c9accc6ecb52590a - 5a1cd67a801cf5ef989c4783e07b86a25b143126

Linux/Linux cd418ba63f0c2f6157f35a41c9accc6ecb52590a - d1b949c70206178b12027f66edc088d40375b5cb

Linux/Linux cd418ba63f0c2f6157f35a41c9accc6ecb52590a - e298aa358f0ca658406d524b6639fe389cb6e11e

linux/linux_kernel 5.13 rc1 (6 CPE variants)

linux/linux_kernel 5.10 - 5.10.46

Published May 21, 2024

Tracked Since Feb 18, 2026