← Back

CVE-2021-28660

nvd nist
Published: Mar 17, 2021Modified: Nov 21, 2024

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base.

Affected (18)

Show all products
Linux: Linux Kernel · Fedoraproject: Fedora · Debian: Debian Linux · Netapp: Cloud Backup, Solidfire Baseboard Management Controller Firmware, H700s Firmware, H700e Firmware, H410s Firmware, H300s Firmware, H500e Firmware, H300e Firmware, H500s Firmware
Linux
1 product
Linux Kernel
Fedoraproject
1 product
Fedora
Debian
1 product
Debian Linux
Netapp
9 products
Cloud Backup
Solidfire Baseboard Management Controller Firmware
H700s Firmware
H700e Firmware
H410s Firmware
H300s Firmware
H500e Firmware
H300e Firmware
H500s Firmware
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
From 3.12 to 4.4.262
Linux Kernel
From 4.10 to 4.14.226
Linux Kernel
From 4.15 to 4.19.181
Linux Kernel
From 4.20 to 5.4.106
Linux Kernel
From 4.5 to 4.9.262
Linux Kernel
From 5.11 to 5.11.7
Linux Kernel
From 5.5 to 5.10.24
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Fedora
Version 33
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Debian Linux
Version 9.0
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Cloud Backup
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Solidfire Baseboard Management Controller Firmware
All versions
Running on/withPlatform Versions
Netapp
Solidfire Baseboard Management Controller
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H700s Firmware
All versions
Running on/withPlatform Versions
Netapp
H700s
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H700e Firmware
All versions
Running on/withPlatform Versions
Netapp
H700e
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H410s Firmware
All versions
Running on/withPlatform Versions
Netapp
H410s
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H300s Firmware
All versions
Running on/withPlatform Versions
Netapp
H300s
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H500e Firmware
All versions
Running on/withPlatform Versions
Netapp
H500e
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H300e Firmware
All versions
Running on/withPlatform Versions
Netapp
H300e
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H500s Firmware
All versions
Running on/withPlatform Versions
Netapp
H500s
All versions

Related CWEs

CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (14)

Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Mailing ListPatchVendor Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.