CVE-2021-38160
Vulnerability Summary
Timeline
Description
In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior
CVSS Metrics
- v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- v2.0•HIGH•Score: 7.2AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS Trends
Current EPSS score: 0.04%• Percentile: 12%
Techniques & Countermeasures
- CWE-120•Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Affected Systems
- debian•debian_linux
9.0 | 10.0
- linux•linux_kernel
≥ 2.6.24, < 4.4.276 | ≥ 4.5, < 4.9.276 | ≥ 4.10, < 4.14.240 | ≥ 4.15, < 4.19.198 | ≥ 4.20, < 5.4.134 | ≥ 5.5, < 5.10.52 | ≥ 5.11, < 5.12.19 | ≥ 5.13, < 5.13.4
- netapp•element_software
na
- netapp•hci_bootstrap_os
na
- netapp•hci_management_node
na
- netapp•solidfire
na
- redhat•enterprise_linux
8.0
References (7)
- https://github.com/torvalds/linux/commit/d00d8da5869a2608e97cfede094dfc5e11462a46
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4
- https://access.redhat.com/security/cve/cve-2021-38160
- https://security.netapp.com/advisory/ntap-20210902-0010/
- https://www.debian.org/security/2021/dsa-4978
- https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html
- https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html