CVE-2021-47404

Published: May 21, 2024Modified: Dec 24, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: HID: betop: fix slab-out-of-bounds Write in betop_probe Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver. The problem is the driver assumes the device must have an input report but some malicious devices violate this assumption. So this patch checks hid_device's input is non empty before it's been used.

Affected (10)

Products: Linux: Linux Kernel

1 product

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 4.4.286
Linux Linux Kernel	From 4.10 to 4.14.249
Linux Linux Kernel	From 4.15 to 4.19.209
Linux Linux Kernel	From 4.20 to 5.4.151
Linux Linux Kernel	From 4.5 to 4.9.285
Linux Linux Kernel	From 5.11 to 5.14.10
Linux Linux Kernel	From 5.5 to 5.10.71
Linux Linux Kernel	Version 5.15 rc1
Linux Linux Kernel	Version 5.15 rc2
Linux Linux Kernel	Version 5.15 rc3

Related CWEs

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (16)

https://git.kernel.org/stable/c/1c83c38dec83d57bc18d0c01d82c413d3b34ccb9

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/1e4ce418b1cb1a810256b5fb3fd33d22d1325993

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/6fc4476dda58f6c00097c7ddec3b772513f57525

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/708107b80aa616976d1c5fa60ac0c1390749db5e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/a4faa7153b87fbcfe4be15f4278676f79ca6e019

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/bb8b72374db69afa25a5b65cf1c092860c6fe914

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/dedfc35a2de2bae9fa3da8210a05bfd515f83fee

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/fe9bb925e7096509711660d39c0493a1546e9550

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/1c83c38dec83d57bc18d0c01d82c413d3b34ccb9

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/1e4ce418b1cb1a810256b5fb3fd33d22d1325993

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/6fc4476dda58f6c00097c7ddec3b772513f57525

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/708107b80aa616976d1c5fa60ac0c1390749db5e

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/a4faa7153b87fbcfe4be15f4278676f79ca6e019

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/bb8b72374db69afa25a5b65cf1c092860c6fe914

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/dedfc35a2de2bae9fa3da8210a05bfd515f83fee

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/fe9bb925e7096509711660d39c0493a1546e9550

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.