CVE-2021-47352
HIGHLinux Kernel < 5.4.293 - Out-of-bounds Write via Untrusted Virtio-Net Used Length
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: virtio-net: Add validation for used length This adds validation for used length (might come from an untrusted device) to avoid data corruption or loss.
References (5)
Core 5
Core References
Scores
CVSS v3
7.8
EPSS
0.0026
EPSS Percentile
17.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-787
Status
published
Products (13)
Linux/Linux
< 4.11
Linux/Linux
4.11
Linux/Linux
5.10.51 - 5.10.*
Linux/Linux
5.12.18 - 5.12.*
Linux/Linux
5.13.3 - 5.13.*
Linux/Linux
5.14
Linux/Linux
5.4.293 - 5.4.*
Linux/Linux
f6b10209b90d48a84f886ab2b317b5d2cbfe3143 - 3133e01514c3c498f2b01ff210ee6134b70c663c
Linux/Linux
f6b10209b90d48a84f886ab2b317b5d2cbfe3143 - ad993a95c508417acdeb15244109e009e50d8758
Linux/Linux
f6b10209b90d48a84f886ab2b317b5d2cbfe3143 - ba710baa1cc1b17a0483f7befe03e696efd17292
... and 3 more
Published
May 21, 2024
Tracked Since
Feb 18, 2026