Satheesh575555 / linux-4.1.15_CVE-2023-28772

Other
0 stars 1 forks source link

CVE-2021-46906 (Medium) detected in linuxlinux-4.6 #903

Open mend-bolt-for-github[bot] opened 7 months ago

mend-bolt-for-github[bot] commented 7 months ago

CVE-2021-46906 - Medium Severity Vulnerability

Vulnerable Library - linuxlinux-4.6

The Linux Kernel

Library home page: https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/?wsslib=linux

Found in HEAD commit: 63ac601c421ad3f087ec68a99300cc5058d1cc54

Found in base branch: master

Vulnerable Source Files (1)

Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fix info leak in hid_submit_ctrl In hid_submit_ctrl(), the way of calculating the report length doesn't take into account that report->size can be zero. When running the syzkaller reproducer, a report of size 0 causes hid_submit_ctrl) to calculate transfer_buffer_length as 16384. When this urb is passed to the usb core layer, KMSAN reports an info leak of 16384 bytes. To fix this, first modify hid_report_len() to account for the zero report size case by using DIV_ROUND_UP for the division. Then, call it from hid_submit_ctrl().

Publish Date: 2024-02-26

URL: CVE-2021-46906

CVSS 3 Score Details (5.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://www.linuxkernelcves.com/cves/CVE-2021-46906

Release Date: 2024-02-26

Fix Resolution: v4.4.274,v4.9.274,v4.14.238,v4.19.196,v5.4.127,v5.12.12


Step up your Open Source Security Game with Mend here