#VU104540 Out-of-bounds read in Linux kernel - CVE-2021-47633
Published: February 26, 2025 / Updated: May 11, 2025
Vulnerability identifier: #VU104540
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-47633
CWE-ID: CWE-125
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath5k_eeprom_convert_pcal_info_5111() function in drivers/net/wireless/ath/ath5k/eeprom.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
External links
- https://git.kernel.org/stable/c/25efc5d03455c3839249bc77fce5e29ecb54677e
- https://git.kernel.org/stable/c/564d4eceb97eaf381dd6ef6470b06377bb50c95a
- https://git.kernel.org/stable/c/9d7d83d0399e23d66fd431b553842a84ac10398f
- https://git.kernel.org/stable/c/be2f81024e7981565d90a4c9ca3067d11b6bca7f
- https://git.kernel.org/stable/c/c4e2f577271e158d87a916afb4e87415a88ce856
- https://git.kernel.org/stable/c/cbd96d6cad6625feba9c8d101ed4977d53e82f8e
- https://git.kernel.org/stable/c/ed3dfdaa8b5f0579eabfc1c5818eed30cfe1fe84
- https://git.kernel.org/stable/c/f4de974019a0adf34d0e7de6b86252f1bd266b06
- https://git.kernel.org/stable/c/fc8f7752a82f4accb99c0f1a868906ba1eb7b86f
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.20