CVE-2021-46943
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/02/2024
Last modified:
10/04/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
media: staging/intel-ipu3: Fix set_fmt error handling<br />
<br />
If there in an error during a set_fmt, do not overwrite the previous<br />
sizes with the invalid config.<br />
<br />
Without this patch, v4l2-compliance ends up allocating 4GiB of RAM and<br />
causing the following OOPs<br />
<br />
[ 38.662975] ipu3-imgu 0000:00:05.0: swiotlb buffer is full (sz: 4096 bytes)<br />
[ 38.662980] DMA: Out of SW-IOMMU space for 4096 bytes at device 0000:00:05.0<br />
[ 38.663010] general protection fault: 0000 [#1] PREEMPT SMP
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.2.0 (including) | 5.4.118 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5.0 (including) | 5.10.36 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11.0 (including) | 5.11.20 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.12.0 (including) | 5.12.3 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/34892ea938387d83ffcfb7775ec55f0f80767916
- https://git.kernel.org/stable/c/6fb617e37a39db0a3eca4489431359d0bdf3b9bc
- https://git.kernel.org/stable/c/a03fb1e8a110658215a4cefc3e2ad53279e496a6
- https://git.kernel.org/stable/c/ad91849996f9dd79741a961fd03585a683b08356
- https://git.kernel.org/stable/c/c6b81b897f6f9445d57f8d47c4e060ec21556137