[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-DEBIAN-CVE-2021-47497":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":17,"related":18,"reserved_at":9,"published_at":19,"modified_at":20,"state":9,"summary":21,"references_raw":23,"kevs":30,"epss":9,"epss_history":31,"metrics":32,"affected":39},"DEBIAN-CVE-2021-47497","In the Linux kernel, the following vulnerability has been resolved:  nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells  If a cell has 'nbits' equal to a multiple of BITS_PER_BYTE the logic   *p &= GENMASK((cell->nbits%BITS_PER_BYTE) - 1, 0);  will become undefined behavior because nbits modulo BITS_PER_BYTE is 0, and we subtract one from that making a large number that is then shifted more than the number of bits that fit into an unsigned long.  UBSAN reports this problem:   UBSAN: shift-out-of-bounds in drivers/nvmem/core.c:1386:8  shift exponent 64 is too large for 64-bit type 'unsigned long'  CPU: 6 PID: 7 Comm: kworker/u16:0 Not tainted 5.15.0-rc3+ #9  Hardware name: Google Lazor (rev3+) with KB Backlight (DT)  Workqueue: events_unbound deferred_probe_work_func  Call trace:   dump_backtrace+0x0/0x170   show_stack+0x24/0x30   dump_stack_lvl+0x64/0x7c   dump_stack+0x18/0x38   ubsan_epilogue+0x10/0x54   __ubsan_handle_shift_out_of_bounds+0x180/0x194   __nvmem_cell_read+0x1ec/0x21c   nvmem_cell_read+0x58/0x94   nvmem_cell_read_variable_common+0x4c/0xb0   nvmem_cell_read_variable_le_u32+0x40/0x100   a6xx_gpu_init+0x170/0x2f4   adreno_bind+0x174/0x284   component_bind_all+0xf0/0x264   msm_drm_bind+0x1d8/0x7a0   try_to_bring_up_master+0x164/0x1ac   __component_add+0xbc/0x13c   component_add+0x20/0x2c   dp_display_probe+0x340/0x384   platform_probe+0xc0/0x100   really_probe+0x110/0x304   __driver_probe_device+0xb8/0x120   driver_probe_device+0x4c/0xfc   __device_attach_driver+0xb0/0x128   bus_for_each_drv+0x90/0xdc   __device_attach+0xc8/0x174   device_initial_probe+0x20/0x2c   bus_probe_device+0x40/0xa4   deferred_probe_work_func+0x7c/0xb8   process_one_work+0x128/0x21c   process_scheduled_works+0x40/0x54   worker_thread+0x1ec/0x2a8   kthread+0x138/0x158   ret_from_fork+0x10/0x20  Fix it by making sure there are any bits to mask out.",null,[],[],[],[14],{"_key":15},"CVE-2021-47497",[],[],[],"2024-05-22T09:15:11.513Z","2026-04-28T20:23:30.232367Z",{"cisa_kev":22,"cisa_ransomware":22,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[24],{"url":25,"sources":26,"tags":28},"https://security-tracker.debian.org/tracker/CVE-2021-47497",[27],"osv_debian",[29],"Advisory",[],[],[33],{"source":27,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":34,"cvss_v4_0":9},{"baseScore":35,"baseSeverity":9,"vectorString":36,"impactScore":37,"exploitabilityScore":38},7.8,"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",9.8,4.6,[40],{"ecosystem":41,"name":42,"vendor":43,"product":42,"cpe_part":9,"purl_type":44,"purl_namespace":43,"purl_name":42,"source":9,"versions":45},"Debian","linux","debian","deb",[46,52,55,56],{"version":47,"is_range":48,"range_type":49,"version_start":9,"version_start_type":9,"version_end":50,"version_end_type":51,"fixed_in":9},"lt5_10_84_1",true,"ecosystem","5.10.84-1","excluding",{"version":53,"is_range":48,"range_type":49,"version_start":9,"version_start_type":9,"version_end":54,"version_end_type":51,"fixed_in":9},"lt5_14_16_1","5.14.16-1",{"version":53,"is_range":48,"range_type":49,"version_start":9,"version_start_type":9,"version_end":54,"version_end_type":51,"fixed_in":9},{"version":53,"is_range":48,"range_type":49,"version_start":9,"version_start_type":9,"version_end":54,"version_end_type":51,"fixed_in":9}]