[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-47636":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":25,"downstream":26,"duplicates":39,"related":40,"reserved_at":9,"published_at":45,"modified_at":46,"state":47,"summary":48,"references_raw":57,"kevs":88,"epss":89,"epss_history":92,"metrics":358,"affected":366},"CVE-2021-47636","In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock()\n\nFunction ubifs_wbuf_write_nolock() may access buf out of bounds in\nfollowing process:\n\nubifs_wbuf_write_nolock():\n  aligned_len = ALIGN(len, 8);   // Assume len = 4089, aligned_len = 4096\n  if (aligned_len \u003C= wbuf->avail) ... // Not satisfy\n  if (wbuf->used) {\n    ubifs_leb_write()  // Fill some data in avail wbuf\n    len -= wbuf->avail;   // len is still not 8-bytes aligned\n    aligned_len -= wbuf->avail;\n  }\n  n = aligned_len >> c->max_write_shift;\n  if (n) {\n    n \u003C\u003C= c->max_write_shift;\n    err = ubifs_leb_write(c, wbuf->lnum, buf + written,\n                          wbuf->offs, n);\n    // n > len, read out of bounds less than 8(n-len) bytes\n  }\n\n, which can be catched by KASAN:\n  =========================================================\n  BUG: KASAN: slab-out-of-bounds in ecc_sw_hamming_calculate+0x1dc/0x7d0\n  Read of size 4 at addr ffff888105594ff8 by task kworker/u8:4/128\n  Workqueue: writeback wb_workfn (flush-ubifs_0_0)\n  Call Trace:\n    kasan_report.cold+0x81/0x165\n    nand_write_page_swecc+0xa9/0x160\n    ubifs_leb_write+0xf2/0x1b0 [ubifs]\n    ubifs_wbuf_write_nolock+0x421/0x12c0 [ubifs]\n    write_head+0xdc/0x1c0 [ubifs]\n    ubifs_jnl_write_inode+0x627/0x960 [ubifs]\n    wb_workfn+0x8af/0xb80\n\nFunction ubifs_wbuf_write_nolock() accepts that parameter 'len' is not 8\nbytes aligned, the 'len' represents the true length of buf (which is\nallocated in 'ubifs_jnl_xxx', eg. ubifs_jnl_write_inode), so\nubifs_wbuf_write_nolock() must handle the length read from 'buf' carefully\nto write leb safely.\n\nFetch a reproducer in [Link].",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[],[],[],[27,29,31,33,35,37],{"_key":28},"SUSE-SU-2025:1027-1",{"_key":30},"SUSE-SU-2025:1176-1",{"_key":32},"SUSE-SU-2025:1183-1",{"_key":34},"SUSE-SU-2025:1241-1",{"_key":36},"DEBIAN-CVE-2021-47636",{"_key":38},"UBUNTU-CVE-2021-47636",[],[41,42,43,44],{"_key":28},{"_key":30},{"_key":32},{"_key":34},"2025-02-26T01:54:10.206Z","2026-05-11T13:58:13.687Z","Modified",{"cisa_kev":49,"cisa_ransomware":49,"cisa_vendor":9,"epss_severity":50,"epss_score":51,"severity":52,"severity_score":53,"severity_version":54,"severity_source":55,"severity_vector":56,"severity_status":47},false,"low",0.00015,"high",7.1,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",[58,64,68,72,76,80,84],{"url":59,"sources":60,"tags":62},"https://git.kernel.org/stable/c/5343575aa11c5d7044107d59d43f84aec01312b0",[55,61],"nvd",[63],"Patch",{"url":65,"sources":66,"tags":67},"https://git.kernel.org/stable/c/b80ccbec0e4804436c382d7dd60e943c386ed83a",[55,61],[63],{"url":69,"sources":70,"tags":71},"https://git.kernel.org/stable/c/07a209fadee7b53b46858538e1177597273862e4",[55,61],[63],{"url":73,"sources":74,"tags":75},"https://git.kernel.org/stable/c/a7054aaf1909cf40489c0ec1b728fdcf79c751a6",[55,61],[63],{"url":77,"sources":78,"tags":79},"https://git.kernel.org/stable/c/e09fa5318d51f522e1af4fbaf8f74999355980c8",[55,61],[63],{"url":81,"sources":82,"tags":83},"https://git.kernel.org/stable/c/3b7fb89135a20587d57f8877c02e25003e9edbdf",[55,61],[63],{"url":85,"sources":86,"tags":87},"https://git.kernel.org/stable/c/4f2262a334641e05f645364d5ade1f565c85f20b",[55,61],[63],[],{"date":90,"score":51,"percentile":91},"2026-06-03",0.03169,[93,97,100,103,106,109,112,115,118,122,125,128,131,134,137,141,144,147,150,154,157,160,163,166,169,172,175,178,181,184,187,190,193,196,199,202,205,208,211,214,217,220,223,226,229,232,235,238,240,243,247,249,252,255,258,261,264,267,269,272,275,278,281,284,287,290,293,296,299,301,304,307,310,313,315,318,321,324,327,330,333,335,338,340,343,345,348,350,352,355],{"date":94,"score":95,"percentile":96},"2025-11-04",0.00029,0.06911,{"date":98,"score":95,"percentile":99},"2025-11-05",0.06932,{"date":101,"score":95,"percentile":102},"2025-11-06",0.07049,{"date":104,"score":95,"percentile":105},"2025-11-07",0.07073,{"date":107,"score":95,"percentile":108},"2025-11-08",0.07067,{"date":110,"score":95,"percentile":111},"2025-11-09",0.07045,{"date":113,"score":95,"percentile":114},"2025-11-10",0.07019,{"date":116,"score":95,"percentile":117},"2025-11-11",0.07046,{"date":119,"score":120,"percentile":121},"2025-11-12",0.00031,0.0778,{"date":123,"score":120,"percentile":124},"2025-11-13",0.07817,{"date":126,"score":120,"percentile":127},"2025-11-14",0.07864,{"date":129,"score":120,"percentile":130},"2025-11-15",0.07919,{"date":132,"score":120,"percentile":133},"2025-11-16",0.07933,{"date":135,"score":120,"percentile":136},"2025-11-17",0.07923,{"date":138,"score":139,"percentile":140},"2025-11-18",0.00057,0.13434,{"date":142,"score":139,"percentile":143},"2025-11-19",0.13451,{"date":145,"score":139,"percentile":146},"2025-11-20",0.13466,{"date":148,"score":120,"percentile":149},"2025-11-21",0.08078,{"date":151,"score":152,"percentile":153},"2025-11-22",0.00034,0.09282,{"date":155,"score":152,"percentile":156},"2025-11-23",0.09253,{"date":158,"score":152,"percentile":159},"2025-11-24",0.09237,{"date":161,"score":152,"percentile":162},"2025-11-25",0.09226,{"date":164,"score":152,"percentile":165},"2025-11-26",0.09233,{"date":167,"score":152,"percentile":168},"2025-11-27",0.09245,{"date":170,"score":152,"percentile":171},"2025-11-28",0.09227,{"date":173,"score":152,"percentile":174},"2025-11-29",0.09252,{"date":176,"score":152,"percentile":177},"2025-11-30",0.0926,{"date":179,"score":152,"percentile":180},"2025-12-01",0.09304,{"date":182,"score":152,"percentile":183},"2025-12-02",0.09317,{"date":185,"score":152,"percentile":186},"2025-12-03",0.09341,{"date":188,"score":152,"percentile":189},"2025-12-04",0.09338,{"date":191,"score":152,"percentile":192},"2025-12-05",0.09395,{"date":194,"score":152,"percentile":195},"2025-12-06",0.09406,{"date":197,"score":152,"percentile":198},"2025-12-07",0.0941,{"date":200,"score":152,"percentile":201},"2025-12-08",0.09416,{"date":203,"score":152,"percentile":204},"2025-12-09",0.09474,{"date":206,"score":152,"percentile":207},"2025-12-10",0.09555,{"date":209,"score":152,"percentile":210},"2025-12-11",0.09588,{"date":212,"score":152,"percentile":213},"2025-12-12",0.0961,{"date":215,"score":152,"percentile":216},"2025-12-13",0.09637,{"date":218,"score":152,"percentile":219},"2025-12-14",0.09631,{"date":221,"score":152,"percentile":222},"2025-12-15",0.09557,{"date":224,"score":152,"percentile":225},"2025-12-16",0.09545,{"date":227,"score":152,"percentile":228},"2025-12-17",0.09627,{"date":230,"score":152,"percentile":231},"2025-12-18",0.09685,{"date":233,"score":152,"percentile":234},"2025-12-19",0.09706,{"date":236,"score":152,"percentile":237},"2025-12-20",0.097,{"date":239,"score":152,"percentile":231},"2025-12-21",{"date":241,"score":152,"percentile":242},"2025-12-22",0.09658,{"date":244,"score":245,"percentile":246},"2025-12-23",0.00036,0.10288,{"date":248,"score":245,"percentile":246},"2025-12-24",{"date":250,"score":245,"percentile":251},"2025-12-25",0.10372,{"date":253,"score":245,"percentile":254},"2025-12-26",0.10367,{"date":256,"score":245,"percentile":257},"2025-12-27",0.10364,{"date":259,"score":245,"percentile":260},"2025-12-28",0.1037,{"date":262,"score":245,"percentile":263},"2025-12-29",0.10334,{"date":265,"score":245,"percentile":266},"2025-12-30",0.10314,{"date":268,"score":245,"percentile":257},"2025-12-31",{"date":270,"score":245,"percentile":271},"2026-01-01",0.10411,{"date":273,"score":245,"percentile":274},"2026-01-02",0.10409,{"date":276,"score":245,"percentile":277},"2026-01-03",0.10382,{"date":279,"score":245,"percentile":280},"2026-01-04",0.10301,{"date":282,"score":245,"percentile":283},"2026-01-05",0.10262,{"date":285,"score":245,"percentile":286},"2026-01-06",0.10251,{"date":288,"score":245,"percentile":289},"2026-01-07",0.10283,{"date":291,"score":245,"percentile":292},"2026-01-08",0.10336,{"date":294,"score":245,"percentile":295},"2026-01-09",0.10366,{"date":297,"score":245,"percentile":298},"2026-01-10",0.10389,{"date":300,"score":245,"percentile":251},"2026-01-11",{"date":302,"score":245,"percentile":303},"2026-01-12",0.10347,{"date":305,"score":245,"percentile":306},"2026-01-13",0.1031,{"date":308,"score":245,"percentile":309},"2026-01-14",0.10361,{"date":311,"score":245,"percentile":312},"2026-01-15",0.10374,{"date":314,"score":245,"percentile":274},"2026-01-16",{"date":316,"score":245,"percentile":317},"2026-01-17",0.10425,{"date":319,"score":245,"percentile":320},"2026-01-18",0.10386,{"date":322,"score":245,"percentile":323},"2026-01-19",0.10339,{"date":325,"score":245,"percentile":326},"2026-01-20",0.10312,{"date":328,"score":245,"percentile":329},"2026-01-21",0.10276,{"date":331,"score":245,"percentile":332},"2026-01-22",0.10269,{"date":334,"score":245,"percentile":257},"2026-01-23",{"date":336,"score":245,"percentile":337},"2026-01-24",0.10416,{"date":339,"score":245,"percentile":312},"2026-01-25",{"date":341,"score":245,"percentile":342},"2026-01-26",0.10328,{"date":344,"score":245,"percentile":326},"2026-01-27",{"date":346,"score":245,"percentile":347},"2026-01-28",0.10287,{"date":349,"score":245,"percentile":283},"2026-01-29",{"date":351,"score":245,"percentile":329},"2026-01-30",{"date":353,"score":245,"percentile":354},"2026-01-31",0.10292,{"date":356,"score":245,"percentile":357},"2026-02-01",0.10303,[359,364],{"source":55,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":360,"cvss_v4_0":9},{"baseScore":53,"baseSeverity":361,"vectorString":56,"impactScore":362,"exploitabilityScore":363},"HIGH",8.7,4.6,{"source":61,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":365,"cvss_v4_0":9},{"baseScore":53,"baseSeverity":361,"vectorString":56,"impactScore":362,"exploitabilityScore":363},[367,399],{"ecosystem":9,"name":368,"vendor":369,"product":369,"cpe_part":370,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":371},"Linux","linux","a",[372,379,382,385,388,391,394,397],{"version":373,"is_range":374,"range_type":55,"version_start":375,"version_start_type":376,"version_end":377,"version_end_type":378,"fixed_in":9},">= 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d, \u003C 5343575aa11c5d7044107d59d43f84aec01312b0",true,"1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d","including","5343575aa11c5d7044107d59d43f84aec01312b0","excluding",{"version":380,"is_range":374,"range_type":55,"version_start":375,"version_start_type":376,"version_end":381,"version_end_type":378,"fixed_in":9},">= 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d, \u003C b80ccbec0e4804436c382d7dd60e943c386ed83a","b80ccbec0e4804436c382d7dd60e943c386ed83a",{"version":383,"is_range":374,"range_type":55,"version_start":375,"version_start_type":376,"version_end":384,"version_end_type":378,"fixed_in":9},">= 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d, \u003C 07a209fadee7b53b46858538e1177597273862e4","07a209fadee7b53b46858538e1177597273862e4",{"version":386,"is_range":374,"range_type":55,"version_start":375,"version_start_type":376,"version_end":387,"version_end_type":378,"fixed_in":9},">= 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d, \u003C a7054aaf1909cf40489c0ec1b728fdcf79c751a6","a7054aaf1909cf40489c0ec1b728fdcf79c751a6",{"version":389,"is_range":374,"range_type":55,"version_start":375,"version_start_type":376,"version_end":390,"version_end_type":378,"fixed_in":9},">= 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d, \u003C e09fa5318d51f522e1af4fbaf8f74999355980c8","e09fa5318d51f522e1af4fbaf8f74999355980c8",{"version":392,"is_range":374,"range_type":55,"version_start":375,"version_start_type":376,"version_end":393,"version_end_type":378,"fixed_in":9},">= 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d, \u003C 3b7fb89135a20587d57f8877c02e25003e9edbdf","3b7fb89135a20587d57f8877c02e25003e9edbdf",{"version":395,"is_range":374,"range_type":55,"version_start":375,"version_start_type":376,"version_end":396,"version_end_type":378,"fixed_in":9},">= 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d, \u003C 4f2262a334641e05f645364d5ade1f565c85f20b","4f2262a334641e05f645364d5ade1f565c85f20b",{"version":398,"is_range":49,"range_type":55,"version_start":398,"version_start_type":376,"version_end":398,"version_end_type":376,"fixed_in":9},"2.6.27",{"ecosystem":9,"name":400,"vendor":369,"product":401,"cpe_part":402,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":403},"linux kernel","linux_kernel","o",[404,408,412,416,420,424],{"version":405,"is_range":374,"range_type":406,"version_start":398,"version_start_type":376,"version_end":407,"version_end_type":378,"fixed_in":9},"gte2.6.27_lt4.19.238","cpe","4.19.238",{"version":409,"is_range":374,"range_type":406,"version_start":410,"version_start_type":376,"version_end":411,"version_end_type":378,"fixed_in":9},"gte4.20_lt5.4.189","4.20","5.4.189",{"version":413,"is_range":374,"range_type":406,"version_start":414,"version_start_type":376,"version_end":415,"version_end_type":378,"fixed_in":9},"gte5.5_lt5.10.110","5.5","5.10.110",{"version":417,"is_range":374,"range_type":406,"version_start":418,"version_start_type":376,"version_end":419,"version_end_type":378,"fixed_in":9},"gte5.11_lt5.15.33","5.11","5.15.33",{"version":421,"is_range":374,"range_type":406,"version_start":422,"version_start_type":376,"version_end":423,"version_end_type":378,"fixed_in":9},"gte5.16_lt5.16.19","5.16","5.16.19",{"version":425,"is_range":374,"range_type":406,"version_start":426,"version_start_type":376,"version_end":427,"version_end_type":378,"fixed_in":9},"gte5.17_lt5.17.2","5.17","5.17.2"]