CVE-2021-47040
Severity CVSS v4.0:
Pending analysis
Type:
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Publication date:
28/02/2024
Last modified:
09/01/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
io_uring: fix overflows checks in provide buffers<br />
<br />
Colin reported before possible overflow and sign extension problems in<br />
io_provide_buffers_prep(). As Linus pointed out previous attempt did nothing<br />
useful, see d81269fecb8ce ("io_uring: fix provide_buffers sign extension").<br />
<br />
Do that with help of check__overflow helpers. And fix struct<br />
io_provide_buf::len type, as it doesn&#39;t make much sense to keep it<br />
signed.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.8 (including) | 5.10.37 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.11.21 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.12 (including) | 5.12.4 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/38134ada0ceea3e848fe993263c0ff6207fd46e7
- https://git.kernel.org/stable/c/51bf90901952aaac564bbdb36b2b503050c53dd9
- https://git.kernel.org/stable/c/84b8c266c4bfe9ed5128e13253c388deb74b1b03
- https://git.kernel.org/stable/c/cbbc13b115b8f18e0a714d89f87fbdc499acfe2d
- https://git.kernel.org/stable/c/38134ada0ceea3e848fe993263c0ff6207fd46e7
- https://git.kernel.org/stable/c/51bf90901952aaac564bbdb36b2b503050c53dd9
- https://git.kernel.org/stable/c/84b8c266c4bfe9ed5128e13253c388deb74b1b03
- https://git.kernel.org/stable/c/cbbc13b115b8f18e0a714d89f87fbdc499acfe2d