UVI-2021-1000070

See a problem?
Please try reporting it to the source first.

Source

https://data.gsd.id/UVI-2021-1000070

Import Source

https://github.com/cloudsecurityalliance/gsd-database/blob/main/2021/1000xxx/UVI-2021-1000070.json

JSON Data

https://api.osv.dev/v1/vulns/UVI-2021-1000070

Withdrawn

2023-03-14T07:01:09.501279Z

Published

2021-05-31T15:39:45.031586Z

Modified

2023-03-14T07:01:09.501279Z

Summary

net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets

Details

net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets

This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.3 by commit 8e6dfb7beeb6489ac1365b8a71052e737f5da76e, it was introduced in version v5.11 by commit c129412f74e99b609f0a8e95fc3915af1fd40f34. For more details please see the references link.

References

Affected packages

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/
Events: Introduced

c129412f74e99b609f0a8e95fc3915af1fd40f34

Limit

8e6dfb7beeb6489ac1365b8a71052e737f5da76e

Affected versions

v5.*

v5.10

v5.10-rc5

v5.10-rc6

v5.10-rc7

v5.11

v5.11-rc1

v5.11-rc2

v5.11-rc3

v5.11-rc4

v5.11-rc5

v5.11-rc6

v5.11-rc7

v5.12

v5.12-rc1-dontuse

v5.12-rc2

v5.12-rc3

v5.12-rc4

v5.12-rc5

v5.12-rc6

v5.12-rc7

v5.12-rc8

v5.12.1

v5.12.2

Database specific

source

"https://github.com/cloudsecurityalliance/gsd-database/blob/main/2021/1000xxx/UVI-2021-1000070.json"