[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-DEBIAN-CVE-2021-4439":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":17,"related":18,"reserved_at":9,"published_at":19,"modified_at":20,"state":9,"summary":21,"references_raw":23,"kevs":30,"epss":9,"epss_history":31,"metrics":32,"affected":39},"DEBIAN-CVE-2021-4439","In the Linux kernel, the following vulnerability has been resolved:  isdn: cpai: check ctr->cnr to avoid array index out of bound  The cmtp_add_connection() would add a cmtp session to a controller and run a kernel thread to process cmtp.  \t__module_get(THIS_MODULE); \tsession->task = kthread_run(cmtp_session, session, \"kcmtpd_ctr_%d\", \t\t\t\t\t\t\t\tsession->num);  During this process, the kernel thread would call detach_capi_ctr() to detach a register controller. if the controller was not attached yet, detach_capi_ctr() would trigger an array-index-out-bounds bug.  [   46.866069][ T6479] UBSAN: array-index-out-of-bounds in drivers/isdn/capi/kcapi.c:483:21 [   46.867196][ T6479] index -1 is out of range for type 'capi_ctr *[32]' [   46.867982][ T6479] CPU: 1 PID: 6479 Comm: kcmtpd_ctr_0 Not tainted 5.15.0-rc2+ #8 [   46.869002][ T6479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014 [   46.870107][ T6479] Call Trace: [   46.870473][ T6479]  dump_stack_lvl+0x57/0x7d [   46.870974][ T6479]  ubsan_epilogue+0x5/0x40 [   46.871458][ T6479]  __ubsan_handle_out_of_bounds.cold+0x43/0x48 [   46.872135][ T6479]  detach_capi_ctr+0x64/0xc0 [   46.872639][ T6479]  cmtp_session+0x5c8/0x5d0 [   46.873131][ T6479]  ? __init_waitqueue_head+0x60/0x60 [   46.873712][ T6479]  ? cmtp_add_msgpart+0x120/0x120 [   46.874256][ T6479]  kthread+0x147/0x170 [   46.874709][ T6479]  ? set_kthread_struct+0x40/0x40 [   46.875248][ T6479]  ret_from_fork+0x1f/0x30 [   46.875773][ T6479]",null,[],[],[],[14],{"_key":15},"CVE-2021-4439",[],[],[],"2024-06-20T12:15:10.447Z","2026-04-28T20:23:05.902989Z",{"cisa_kev":22,"cisa_ransomware":22,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[24],{"url":25,"sources":26,"tags":28},"https://security-tracker.debian.org/tracker/CVE-2021-4439",[27],"osv_debian",[29],"Advisory",[],[],[33],{"source":27,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":34,"cvss_v4_0":9},{"baseScore":35,"baseSeverity":9,"vectorString":36,"impactScore":37,"exploitabilityScore":38},7.8,"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",9.8,4.6,[40],{"ecosystem":41,"name":42,"vendor":43,"product":42,"cpe_part":9,"purl_type":44,"purl_namespace":43,"purl_name":42,"source":9,"versions":45},"Debian","linux","debian","deb",[46,52,55,56],{"version":47,"is_range":48,"range_type":49,"version_start":9,"version_start_type":9,"version_end":50,"version_end_type":51,"fixed_in":9},"lt5_10_84_1",true,"ecosystem","5.10.84-1","excluding",{"version":53,"is_range":48,"range_type":49,"version_start":9,"version_start_type":9,"version_end":54,"version_end_type":51,"fixed_in":9},"lt5_14_16_1","5.14.16-1",{"version":53,"is_range":48,"range_type":49,"version_start":9,"version_start_type":9,"version_end":54,"version_end_type":51,"fixed_in":9},{"version":53,"is_range":48,"range_type":49,"version_start":9,"version_start_type":9,"version_end":54,"version_end_type":51,"fixed_in":9}]