First published: Mon Mar 22 2021(Updated: )
In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | <4.4.263 | |
Linux Linux kernel | >4.5<=4.9.263 | |
Linux Linux kernel | >=4.10<4.14.227 | |
Linux Linux kernel | >4.15<=4.19.183 | |
Linux Linux kernel | >=4.20<5.4.108 | |
Linux Linux kernel | >=5.5.0<5.10.26 | |
Linux Linux kernel | >=5.11<5.11.9 | |
Fedoraproject Fedora | =32 | |
Fedoraproject Fedora | =33 | |
Fedoraproject Fedora | =34 | |
Netapp Cloud Backup | ||
Netapp Fas\/aff Baseboard Management Controller | ||
Netapp Solidfire Baseboard Management Controller Firmware | ||
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.