#VU93688 Input validation error in Linux kernel - CVE-2021-47210
Published: July 2, 2024 / Updated: May 13, 2025
Vulnerability identifier: #VU93688
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-47210
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tps6598x_block_read() function in drivers/usb/typec/tps6598x.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
External links
- https://git.kernel.org/stable/c/2a897d384513ba7f7ef05611338b9a6ec6aeac00
- https://git.kernel.org/stable/c/30dcfcda8992dc42f18e7d35b6a1fa72372d382d
- https://git.kernel.org/stable/c/eff8b7628410cb2eb562ca0d5d1f12e27063733e
- https://git.kernel.org/stable/c/2c71811c963b6c310a29455d521d31a7ea6c5b5e
- https://git.kernel.org/stable/c/b7a0a63f3fed57d413bb857de164ea9c3984bc4e
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.218
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.82
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.5
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.162