SB2024060485 - Out-of-bounds read in Linux kernel isofs

Description

This security bulletin contains information about 1 security vulnerability.

1) Out-of-bounds read (CVE-ID: CVE-2021-47478)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the isofs_read_inode() function in fs/isofs/inode.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/156ce5bb6cc43a80a743810199defb1dc3f55b7f
• https://git.kernel.org/stable/c/9ec33a9b8790c212cc926a88c5e2105f97f3f57e
• https://git.kernel.org/stable/c/afbd40f425227e661d991757e11cc4db024e761f
• https://git.kernel.org/stable/c/b0ddff8d68f2e43857a84dce54c3deab181c8ae1
• https://git.kernel.org/stable/c/6e80e9314f8bb52d9eabe1907698718ff01120f5
• https://git.kernel.org/stable/c/86d4aedcbc69c0f84551fb70f953c24e396de2d7
• https://git.kernel.org/stable/c/b2fa1f52d22c5455217b294629346ad23a744945
• https://git.kernel.org/stable/c/e7fb722586a2936b37bdff096c095c30ca06404d
• https://git.kernel.org/stable/c/e96a1866b40570b5950cda8602c2819189c62a48
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.255
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.217
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.292
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.290
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.79
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.18
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.2
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.159