CVE-2021-47547

MEDIUM

Linux Kernel < 4.4.294 - Out-of-Bounds Array Access in Tulip DE4X5 PHY ID Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound In line 5001, if all id in the array 'lp->phy[8]' is not 0, when the 'for' end, the 'k' is 8. At this time, the array 'lp->phy[8]' may be out of bound.

References (8)

Core 8

Core References

Patch

https://git.kernel.org/stable/c/ec5bd0aef1cec96830d0c7e06d3597d9e786cc98

Patch

https://git.kernel.org/stable/c/142ead3dc70411bd5977e8c47a6d8bf22287b3f8

Patch

https://git.kernel.org/stable/c/d3dedaa5a601107cfedda087209772c76e364d58

Patch

https://git.kernel.org/stable/c/2c1a6a9a011d622a7c61324a97a49801ba425eff

Patch

https://git.kernel.org/stable/c/77ff166909458646e66450e42909e0adacc99049

Patch

https://git.kernel.org/stable/c/f059fa40f0fcc6bc7a12e0f2a2504e9a4ff74f1f

Patch

https://git.kernel.org/stable/c/12f907cb11576b8cd0b1d95a16d1f10ed5bb7237

Patch

https://git.kernel.org/stable/c/61217be886b5f7402843677e4be7e7e83de9cb41

Scores

CVSS v3 4.4

EPSS 0.0023

EPSS Percentile 14.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-129

Status published

Products (20)

Linux/Linux < 2.6.12

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 12f907cb11576b8cd0b1d95a16d1f10ed5bb7237

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 142ead3dc70411bd5977e8c47a6d8bf22287b3f8

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 2c1a6a9a011d622a7c61324a97a49801ba425eff

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 61217be886b5f7402843677e4be7e7e83de9cb41

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 77ff166909458646e66450e42909e0adacc99049

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - d3dedaa5a601107cfedda087209772c76e364d58

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - ec5bd0aef1cec96830d0c7e06d3597d9e786cc98

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - f059fa40f0fcc6bc7a12e0f2a2504e9a4ff74f1f

Linux/Linux 2.6.12

... and 10 more

Published May 24, 2024

Tracked Since Feb 18, 2026