high
7.8
CWE
120
Advisory Published
Updated

CVE-2021-47609: firmware: arm_scpi: Fix string overflow in SCPI genpd driver

First published: Wed Jun 19 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver The Linux kernel CVE team has assigned <a href="https://access.redhat.com/security/cve/CVE-2021-47609">CVE-2021-47609</a> to this issue. Upstream advisory: <a href="https://lore.kernel.org/linux-cve-announce/2024061907-CVE-2021-47609-5ebf@gregkh/T">https://lore.kernel.org/linux-cve-announce/2024061907-CVE-2021-47609-5ebf@gregkh/T</a>

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
redhat/kernel<4.9.294
4.9.294
redhat/kernel<4.14.259
4.14.259
redhat/kernel<4.19.222
4.19.222
redhat/kernel<5.4.168
5.4.168
redhat/kernel<5.10.88
5.10.88
redhat/kernel<5.15.11
5.15.11
redhat/kernel<5.16
5.16
Linux Kernel>=4.8<4.9.294
Linux Kernel>=4.10<4.14.259
Linux Kernel>=4.15<4.19.222
Linux Kernel>=4.20<5.4.168
Linux Kernel>=5.5<5.10.88
Linux Kernel>=5.11<5.15.11
Linux Kernel=5.16-rc1
Linux Kernel=5.16-rc2
Linux Kernel=5.16-rc3
Linux Kernel=5.16-rc4
Linux Kernel=5.16-rc5

Remedy

https://git.kernel.org/stable/c/4694b1ec425a2d20d6f8ca3db594829fdf5f2672

Remedy

https://git.kernel.org/stable/c/639901b9429a3195e0fead981ed74b51f5f31538

Remedy

https://git.kernel.org/stable/c/7e8645ca2c0046f7cd2f0f7d569fc036c8abaedb

Remedy

https://git.kernel.org/stable/c/802a1a8501563714a5fe8824f4ed27fec04a0719

Remedy

https://git.kernel.org/stable/c/865ed67ab955428b9aa771d8b4f1e4fb7fd08945

Remedy

https://git.kernel.org/stable/c/976389cbb16cee46847e5d06250a3a0b5506781e

Remedy

https://git.kernel.org/stable/c/f0f484714f35d24ffa0ecb4afe3df1c5b225411d

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2021-47609?

    The severity of CVE-2021-47609 is classified as medium due to the potential for string overflow in the SCPI genpd driver in the Linux kernel.

  • How do I fix CVE-2021-47609?

    To fix CVE-2021-47609, update the Linux kernel to the latest version as specified in the advisory, for example, kernel versions 4.9.294, 4.14.259, 4.19.222, 5.4.168, 5.10.88, 5.15.11, or 5.16.

  • Which versions of the Linux kernel are affected by CVE-2021-47609?

    CVE-2021-47609 affects Linux kernel versions before 4.9.294, 4.14.259, 4.19.222, 5.4.168, 5.10.88, 5.15.11, and 5.16.

  • Is CVE-2021-47609 remotely exploitable?

    CVE-2021-47609 is not considered to be remotely exploitable as it requires local access to the affected system.

  • What does CVE-2021-47609 affect specifically?

    CVE-2021-47609 specifically affects the SCPI genpd driver in the Linux kernel, leading to potential string overflow issues.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203