CVE-2021-47352

Published: May 21, 2024Modified: Nov 14, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: virtio-net: Add validation for used length This adds validation for used length (might come from an untrusted device) to avoid data corruption or loss.

Affected (4)

Products: Linux: Linux Kernel

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 5.4.293
Linux Linux Kernel	From 5.11 to 5.12.18
Linux Linux Kernel	From 5.13 to 5.13.3
Linux Linux Kernel	From 5.5 to 5.10.51

Related CWEs

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (9)

https://git.kernel.org/stable/c/3133e01514c3c498f2b01ff210ee6134b70c663c

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/ad993a95c508417acdeb15244109e009e50d8758

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/ba710baa1cc1b17a0483f7befe03e696efd17292

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/c1b40d1959517ff2ea473d40eeab4691d6d62462

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/c92298d228f61589dd21657af2bea95fc866b813

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/3133e01514c3c498f2b01ff210ee6134b70c663c

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/ad993a95c508417acdeb15244109e009e50d8758

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/ba710baa1cc1b17a0483f7befe03e696efd17292

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/c92298d228f61589dd21657af2bea95fc866b813

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.