CVE-2021-47101

In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asix_mdio_read() asix_read_cmd() may read less than sizeof(smsr) bytes and in this case smsr will be uninitialized. Fail log: BUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] BUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497 BUG: KMSAN: uninit-value in asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497 asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497 asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.16:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.16:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.16:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.16:rc6:*:*:*:*:*:*

History

03 Feb 2025, 14:02

Type Values Removed Values Added
First Time Linux
Linux linux Kernel
References () https://git.kernel.org/stable/c/8035b1a2a37a29d8c717ef84fca8fe7278bc9f03 - () https://git.kernel.org/stable/c/8035b1a2a37a29d8c717ef84fca8fe7278bc9f03 - Patch
References () https://git.kernel.org/stable/c/d259f621c85949f30cc578cac813b82bb5169f56 - () https://git.kernel.org/stable/c/d259f621c85949f30cc578cac813b82bb5169f56 - Patch
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.1
CPE cpe:2.3:o:linux:linux_kernel:5.16:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.16:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.16:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.16:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*
CWE CWE-908

21 Nov 2024, 06:35

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/8035b1a2a37a29d8c717ef84fca8fe7278bc9f03 - () https://git.kernel.org/stable/c/8035b1a2a37a29d8c717ef84fca8fe7278bc9f03 -
References () https://git.kernel.org/stable/c/d259f621c85949f30cc578cac813b82bb5169f56 - () https://git.kernel.org/stable/c/d259f621c85949f30cc578cac813b82bb5169f56 -

05 Mar 2024, 13:41

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: asix: corrige el valor uninit en asix_mdio_read() asix_read_cmd() puede leer menos que sizeof(smsr) bytes y en este caso smsr no estará inicializado. Registro de errores: ERROR: KMSAN: valor uninit en asix_check_host_enable drivers/net/usb/asix_common.c:82 [en línea] ERROR: KMSAN: valor uninit en asix_check_host_enable drivers/net/usb/asix_common.c:82 controladores [en línea] /net/usb/asix_common.c:497 ERROR: KMSAN: valor uninit en asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497 asix_check_host_enable drivers/net/ usb/asix_common.c:82 [en línea] controladores asix_check_host_enable/net/usb/asix_common.c:82 [en línea] controladores/net/usb/asix_common.c:497 controladores asix_mdio_read+0x3c1/0xb00/net/usb/asix_common.c :497 controladores/net/usb/asix_common.c:497

04 Mar 2024, 18:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-03-04 18:15

Updated : 2025-02-03 14:02


NVD link : CVE-2021-47101

Mitre link : CVE-2021-47101

CVE.ORG link : CVE-2021-47101


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-908

Use of Uninitialized Resource