Buffer overflow in Linux kernel - CVE-2021-47566
Published: June 25, 2024 / Updated: May 13, 2025
Vulnerability identifier: #VU93289
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-47566
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the read_from_oldmem() function in fs/proc/vmcore.c. A local user can escalate privileges on the system.
How to mitigate CVE-2021-47566
Install update from vendor's website.
Sources
- https://git.kernel.org/stable/c/a9e164bd160be8cbee1df70acb379129e3cd2e7c
- https://git.kernel.org/stable/c/33a7d698f30fa0b99d50569e9909d3baa65d8f6a
- https://git.kernel.org/stable/c/99d348b82bcb36171f24411d3f1a15706a2a937a
- https://git.kernel.org/stable/c/9ef384ed300d1bcfb23d0ab0b487d544444d4b52
- https://git.kernel.org/stable/c/fd7974c547abfb03072a4ee706d3a6f182266f89
- https://git.kernel.org/stable/c/a8a917058faf4abaec9fb614bb6d5f8fe3529ec6
- https://git.kernel.org/stable/c/7b3a34f08d11e7f05cd00b8e09adaa15192f0ad1
- https://git.kernel.org/stable/c/c1e63117711977cc4295b2ce73de29dd17066c82
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.257
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.219
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.294
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.292
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.83
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.6
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.163