CVE-2021-47168
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-47168
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47168.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-47168
- Related
- Published
- 2024-03-25T10:15:08Z
- Modified
- 2025-03-17T15:03:22Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
NFS: fix an incorrect limit in filelayoutdecodelayout()
The "sizeof(struct nfsfh)" is two bytes too large and could lead to memory corruption. It should be NFSMAXFHSIZE because that's the size of the ->data[] buffer.
I reversed the size of the arguments to put the variable on the left.
- References
-
- https://git.kernel.org/stable/c/769b01ea68b6c49dc3cde6adf7e53927dacbd3a8
- https://git.kernel.org/stable/c/945ebef997227ca8c20bad7f8a8358c8ee57a84a
- https://git.kernel.org/stable/c/9b367fe770b1b80d7bf64ed0d177544a44405f6e
- https://git.kernel.org/stable/c/9d280ab53df1d4a1043bd7a9e7c6a2f9cfbfe040
- https://git.kernel.org/stable/c/b287521e9e94bb342ebe5fd8c3fd7db9aef4e6f1
- https://git.kernel.org/stable/c/d34fb628f6ef522f996205a9e578216bbee09e84
- https://git.kernel.org/stable/c/e411df81cd862ef3d5b878120b2a2fef0ca9cdb1
- https://git.kernel.org/stable/c/f299522eda1566cbfbae4b15c82970fc41b03714
- https://security-tracker.debian.org/tracker/CVE-2021-47168
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source