CVE-2021-47086
Published: Mar 4, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refuse to enable an unbound pipe This ioctl() implicitly assumed that the socket was already bound to a valid local socket name, i.e. Phonet object. If the socket was not bound, two separate problems would occur: 1) We'd send an pipe enablement request with an invalid source object. 2) Later socket calls could BUG on the socket unexpectedly being connected yet not bound to a valid object.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected bdb6e697b2a76c541960b86ab8fda88f3de1adf2 - < 0bbdd62ce9d44f3a22059b3d20a0df977d9f6d59affected bdb6e697b2a76c541960b86ab8fda88f3de1adf2 - < b10c7d745615a092a50c2e03ce70446d2bec2acaaffected bdb6e697b2a76c541960b86ab8fda88f3de1adf2 - < 311601f114859d586d5ef8833d60d3aa23282161affected bdb6e697b2a76c541960b86ab8fda88f3de1adf2 - < 982b6ba1ce626ef87e5c29f26f2401897554f235affected bdb6e697b2a76c541960b86ab8fda88f3de1adf2 - < 48c76fc53582e7f13c1e0b11c916e503256c4d0b+3 more versions |
Linux | Linux | affected 3.3unaffected 0 - < 3.3unaffected 4.4.297 - <= 4.4.*unaffected 4.9.295 - <= 4.9.*unaffected 4.14.260 - <= 4.14.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now