CVE-2021-47495

MEDIUM

Linux Kernel < 4.4.291 - Divide By Zero

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: usbnet: sanity check for maxpacket maxpacket of 0 makes no sense and oopses as we need to divide by it. Give up. V2: fixed typo in log and stylistic issues

References (8)

[Patch] https://git.kernel.org/stable/c/002d82227c0abe29118cf80f7e2f396b22d448ed

[Patch] https://git.kernel.org/stable/c/397430b50a363d8b7bdda00522123f82df6adc5e

[Patch] https://git.kernel.org/stable/c/492140e45d2bf27c1014243f8616a9b612144e20

[Patch] https://git.kernel.org/stable/c/524f333e98138d909a0a0c574a9ff6737dce2767

[Patch] https://git.kernel.org/stable/c/693ecbe8f799405f8775719deedb1f76265d375a

[Patch] https://git.kernel.org/stable/c/74b3b27cf9fecce00cd8918b7882fd81191d0aa4

[Patch] https://git.kernel.org/stable/c/7e8b6a4f18edee070213cb6a77118e8a412253c5

[Patch] https://git.kernel.org/stable/c/b9eba0a4a527e04d712f0e0401e5391ef124b33e

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 1.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-369

Status published

Products (2)

linux/linux_kernel 5.15 rc1 (6 CPE variants)

linux/linux_kernel < 4.4.291

Published May 22, 2024

Tracked Since Feb 18, 2026