Buffer overflow in Linux kernel trace
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2021-47276 |
| CWE-ID | CWE-119 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Linux kernel Operating systems & Components / Operating system |
| Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Buffer overflow
EUVDB-ID: #VU93664
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47276
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ftrace_hash_ipmodify_update() function in kernel/trace/ftrace.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: 4.4 - 5.13 rc5
CPE2.3- cpe:2.3:o:linux_foundation:linux_kernel:4.4:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.0-57:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.2:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.3:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.4:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.5:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.6:*:*:*:*:*:*:*
- cpe:2.3:o:linux_foundation:linux_kernel:4.4.7:*:*:*:*:*:*:*
https://git.kernel.org/stable/c/0bc62e398bbd9e600959e610def5109957437b28
https://git.kernel.org/stable/c/4aedc2bc2b32c93555f47c95610efb89cc1ec09b
https://git.kernel.org/stable/c/acf671ba79c1feccc3ec7cfdcffead4efcec49e7
https://git.kernel.org/stable/c/862dcc14f2803c556bdd73b43c27b023fafce2fb
https://git.kernel.org/stable/c/7e4e824b109f1d41ccf223fbb0565d877d6223a2
https://git.kernel.org/stable/c/97524384762c1fb9b3ded931498dd2047bd0de81
https://git.kernel.org/stable/c/3e4ddeb68751fb4fb657199aed9cfd5d02796875
https://git.kernel.org/stable/c/6c14133d2d3f768e0a35128faac8aa6ed4815051
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.237
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.195
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.273
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.273
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.44
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.11
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.126
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
