CVE-2021-47620
Vulnerability Summary
Description
In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: refactor malicious adv data check

Check for out-of-bound read was being performed at the end of while num_reports loop, and would fill journal with false positives. Added check to beginning of loop processing so that it doesn't get checked after ptr has been advanced.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5•CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS Trends
Current EPSS score: 0.03% • Percentile: 9%
Techniques & Countermeasures
- CWE-125•Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
Affected Systems
- linux•linux
≥ 048acfa4daf167b007b6bd8bef474e90c2282a5f, < 305e92f525450f3e1b5f5c9dc7eadb152d66a082 | ≥ 7d4238edd3bf8b8c75571cc3b382bc10438ac588, < 7889b38a7f21ed19314f83194622b195d328465c | ≥ 185c77cbb53bc7481acc5a0b4e6119bbe393d561, < 5a539c08d743d9910631448da78af5e961664c0e | ≥ 4a1491432394b22e585a185ffca49086e4046aae, < 8819f93cd4a443dfe547aa622b21f723757df3fb | ≥ 24161b9c43de966789d5956428f45002d10f878e, < 835d3706852537bf92eb23eb8635b8dee0c0aa67 | ≥ ffc9019bd991707701273c2e5d8aed472229fc4d, < 83d5196b65d1b29e27d7dd16a3b9b439fb1d2dba | ≥ 2de0e6a71ceb056e17e4684dce8b7640367996f9, < bcea886771c3f22a590c8c8b9139a107bd7f1e1c | ≥ 640a476e38fce6c70c738ac09e5167e34f570303, < 5c968affa804ba98c3c603f37ffea6fba618025e | ≥ 3a56ef719f0b9682afb8a86d64b2399e36faa4e6, < 899663be5e75dc0174dc8bda0b5e6826edf0b29a | ≥ 4.4.300, < 4.4.302 | ≥ 4.9.298, < 4.9.300 | ≥ 4.14.263, < 4.14.265 | ≥ 4.19.226, < 4.19.228 | ≥ 5.4.174, < 5.4.176 | ≥ 5.10.94, < 5.10.96 | ≥ 5.15.17, < 5.15.19 | ≥ 5.16.3, < 5.16.5
- linux•linux_kernel
< 4.4.302 | ≥ 4.5, < 4.9.300 | ≥ 4.10, < 4.14.265 | ≥ 4.15, < 4.19.228 | ≥ 4.20, < 5.4.176 | ≥ 5.5, < 5.10.96 | ≥ 5.11, < 5.15.19 | ≥ 5.16, < 5.16.5
References (9)
- https://git.kernel.org/stable/c/305e92f525450f3e1b5f5c9dc7eadb152d66a082
- https://git.kernel.org/stable/c/7889b38a7f21ed19314f83194622b195d328465c
- https://git.kernel.org/stable/c/5a539c08d743d9910631448da78af5e961664c0e
- https://git.kernel.org/stable/c/8819f93cd4a443dfe547aa622b21f723757df3fb
- https://git.kernel.org/stable/c/835d3706852537bf92eb23eb8635b8dee0c0aa67
- https://git.kernel.org/stable/c/83d5196b65d1b29e27d7dd16a3b9b439fb1d2dba
- https://git.kernel.org/stable/c/bcea886771c3f22a590c8c8b9139a107bd7f1e1c
- https://git.kernel.org/stable/c/5c968affa804ba98c3c603f37ffea6fba618025e
- https://git.kernel.org/stable/c/899663be5e75dc0174dc8bda0b5e6826edf0b29a