Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2021-47137

HIGH
Published 2024-03-25T09:07:36.778Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-47137. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
7.8
/10
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14
0.000
probability
of exploitation in the wild

There is a 0.0% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25
Exploit Probability
Percentile: 0.016
Higher than 1.6% of all CVEs

Attack Vector Metrics

Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED

Impact Metrics

Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Description

In the Linux kernel, the following vulnerability has been resolved:

net: lantiq: fix memory corruption in RX ring

In a situation where memory allocation or dma mapping fails, an
invalid address is programmed into the descriptor. This can lead
to memory corruption. If the memory allocation fails, DMA should
reuse the previous skb and mapping and drop the packet. This patch
also increments rx drop counter.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Linux

Affected Versions:

fe1a56420cf2ec28c8eceef672b87de0bbe1a260 fe1a56420cf2ec28c8eceef672b87de0bbe1a260 fe1a56420cf2ec28c8eceef672b87de0bbe1a260 fe1a56420cf2ec28c8eceef672b87de0bbe1a260
Linux

Linux

Affected Versions:

4.20 0 5.4.124 5.10.42 5.12.9 5.13
linux

linux_kernel

Affected Versions:

fe1a56420cf2 fe1a56420cf2 fe1a56420cf2 fe1a56420cf2 4.20 0 5.4.124 5.10.42 5.12.9 5.13

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-x7cq-pgcc-cqqm

Advisory Details

In the Linux kernel, the following vulnerability has been resolved: net: lantiq: fix memory corruption in RX ring In a situation where memory allocation or dma mapping fails, an invalid address is programmed into the descriptor. This can lead to memory corruption. If the memory allocation fails, DMA should reuse the previous skb and mapping and drop the packet. This patch also increments rx drop counter.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-47137
WEB https://git.kernel.org/stable/c/46dd4abced3cb2c912916f4a5353e0927db0c4a2
WEB https://git.kernel.org/stable/c/5ac72351655f8b033a2935646f53b7465c903418
WEB https://git.kernel.org/stable/c/8bb1077448d43a871ed667520763e3b9f9b7975d
WEB https://git.kernel.org/stable/c/c7718ee96dbc2f9c5fc3b578abdf296dd44b9c20

Advisory provided by GitHub Security Advisory Database. Published: March 25, 2024, Modified: November 5, 2024

References

https://git.kernel.org/stable/c/8bb1077448d43a871ed667520763e3b9f9b7975d
https://git.kernel.org/stable/c/5ac72351655f8b033a2935646f53b7465c903418
https://git.kernel.org/stable/c/46dd4abced3cb2c912916f4a5353e0927db0c4a2
https://git.kernel.org/stable/c/c7718ee96dbc2f9c5fc3b578abdf296dd44b9c20
Published: 2024-03-25T09:07:36.778Z
Last Modified: 2025-05-04T07:04:51.760Z
Copied to clipboard!