What is the severity of CVE-2021-28972?

CVE-2021-28972 has a high severity due to the user-tolerable buffer overflow vulnerability that poses significant risks to system security.

How do I fix CVE-2021-28972?

To fix CVE-2021-28972, you should upgrade your Linux kernel to versions 5.10.223-1, 5.10.226-1, 6.1.123-1, 6.1.119-1, or 6.12.10-1.

Which systems are affected by CVE-2021-28972?

CVE-2021-28972 affects various versions of the Linux kernel up to 5.11.8, including specific Fedora and NetApp versions.

What type of vulnerability is CVE-2021-28972?

CVE-2021-28972 is classified as a buffer overflow vulnerability in the RPA PCI Hotplug driver.

Can CVE-2021-28972 lead to privileged access?

Yes, CVE-2021-28972 can allow userspace to write data into the kernel stack frame, potentially leading to privilege escalation.

Vulnerability/
CVE-2021-28972

high

7.2

CWE

119 120

22/3/2021

21/11/2024

CVE-2021-28972: Buffer Overflow

First published: Mon Mar 22 2021(Updated: )

In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8.

Credit: cve@mitre.org cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
debian/linux		5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1
Linux Kernel	<4.4.263
Linux Kernel	>4.5<=4.9.263
Linux Kernel	>=4.10<4.14.227
Linux Kernel	>4.15<=4.19.183
Linux Kernel	>=4.20<5.4.108
Linux Kernel	>=5.5.0<5.10.26
Linux Kernel	>=5.11<5.11.9
Fedora	=32
Fedora	=33
Fedora	=34
netapp cloud backup
NetApp FAS/AFF Baseboard Management Controller
netapp solidfire baseboard management controller firmware

Remedy

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2021-28972?
CVE-2021-28972 has a high severity due to the user-tolerable buffer overflow vulnerability that poses significant risks to system security.
How do I fix CVE-2021-28972?
To fix CVE-2021-28972, you should upgrade your Linux kernel to versions 5.10.223-1, 5.10.226-1, 6.1.123-1, 6.1.119-1, or 6.12.10-1.
Which systems are affected by CVE-2021-28972?
CVE-2021-28972 affects various versions of the Linux kernel up to 5.11.8, including specific Fedora and NetApp versions.
What type of vulnerability is CVE-2021-28972?
CVE-2021-28972 is classified as a buffer overflow vulnerability in the RPA PCI Hotplug driver.
Can CVE-2021-28972 lead to privileged access?
Yes, CVE-2021-28972 can allow userspace to write data into the kernel stack frame, potentially leading to privilege escalation.

agent/type
collector/launchpad-cve
source/Launchpad
agent/weakness
agent/severity
agent/author
collector/mitre-cve
source/MITRE
agent/references
agent/remedy
agent/first-publish-date
agent/last-modified-date
agent/trending
agent/source
agent/tags
collector/usn-cve
source/Ubuntu
agent/description
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
agent/softwarecombine
agent/event
collector/nvd-api
agent/software-canonical-lookup-request
collector/nvd-cve
source/NVD
collector/nvd-index
package-manager/debian
vendor/linux
canonical/linux kernel
version/linux kernel/4.9.263
version/linux kernel/4.10
version/linux kernel/4.19.183
version/linux kernel/4.20
version/linux kernel/5.5.0
version/linux kernel/5.11
vendor/fedoraproject
canonical/fedora
version/fedora/32
version/fedora/33
version/fedora/34
vendor/netapp
canonical/netapp cloud backup
canonical/netapp fas/aff baseboard management controller
canonical/netapp solidfire baseboard management controller firmware