CVE-2021-47604

Published: Jun 19, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: vduse: check that offset is within bounds in get_config() This condition checks "len" but it does not check "offset" and that could result in an out of bounds read if "offset > dev->config_size". The problem is that since both variables are unsigned the "dev->config_size - offset" subtraction would result in a very high unsigned value. I think these checks might not be necessary because "len" and "offset" are supposed to already have been validated using the vhost_vdpa_config_validate() function. But I do not know the code perfectly, and I like to be safe.

Vendor	Product	Versions
Linux	Linux	affected `c8a6153b6c59d95c0e091f053f6f180952ade91e - < ebbbc5fea3f648175df1aa3f127c78eb0252cc2a` affected `c8a6153b6c59d95c0e091f053f6f180952ade91e - < dc1db0060c02d119fd4196924eff2d1129e9a442`
Linux	Linux	affected `5.15` unaffected `0 - < 5.15` unaffected `5.15.11 - <= 5.15.` unaffected `5.16 - <= `

References

https://git.kernel.org/stable/c/ebbbc5fea3f648175df1aa3f127c78eb0252cc2a

https://git.kernel.org/stable/c/dc1db0060c02d119fd4196924eff2d1129e9a442

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-47604

Description

Affected Products

References