#VU93141 Buffer overflow in Linux kernel - CVE-2021-47460
Published: June 24, 2024 / Updated: May 13, 2025
Vulnerability identifier: #VU93141
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-47460
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ocfs2_set_inode_data_inline() and ocfs2_convert_inline_data_to_extents() functions in fs/ocfs2/alloc.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
External links
- https://git.kernel.org/stable/c/560edd14de2bf9dbc0129681eeb4d5ef87cc105f
- https://git.kernel.org/stable/c/8e6bfb4f70168ddfd32fb6dc028ad52faaf1f32e
- https://git.kernel.org/stable/c/a3a089c241cd49b33a8cdd7fcb37cc87a086912a
- https://git.kernel.org/stable/c/b05caf023b14cbed9223bb5b48ecc7bffe38f632
- https://git.kernel.org/stable/c/f1b98569e81c37d7e0deada7172f8f60860c1360
- https://git.kernel.org/stable/c/fa9b6b6c953e3f6441ed6cf83b4c771dac2dae08
- https://git.kernel.org/stable/c/5314454ea3ff6fc746eaf71b9a7ceebed52888fa
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.253
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.214
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.288
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.76
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.156