CVE-2021-47175 Detail

CVE-2021-47175

Score / Severity

7.1

High

CVE Descriptions

net/sched: fq_pie: fix OOB access in the traffic path

In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: fix OOB access in the traffic path the following script: # tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2 # tc qdisc add dev eth0 clsact # tc filter add dev eth0 egress matchall action skbedit priority 0x10002 # ping 192.0.2.2 -I eth0 -c2 -w1 -q produces the following splat: BUG: KASAN: slab-out-of-bounds in fq_pie_qdisc_enqueue+0x1314/0x19d0 [sch_fq_pie] Read of size 4 at addr ffff888171306924 by task ping/942 CPU: 3 PID: 942 Comm: ping Not tainted 5.12.0+ #441 Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014 Call Trace: dump_stack+0x92/0xc1 print_address_description.constprop.7+0x1a/0x150 kasan_report.cold.13+0x7f/0x111 fq_pie_qdisc_enqueue+0x1314/0x19d0 [sch_fq_pie] __dev_queue_xmit+0x1034/0x2b10 ip_finish_output2+0xc62/0x2120 __ip_finish_output+0x553/0xea0 ip_output+0x1ca/0x4d0 ip_send_skb+0x37/0xa0 raw_sendmsg+0x1c4b/0x2d00 sock_sendmsg+0xdb/0x110 __sys_sendto+0x1d7/0x2b0 __x64_sys_sendto+0xdd/0x1b0 do_syscall_64+0x3c/0x80 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7fe69735c3eb Code: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 f3 0f 1e fa 48 8d 05 75 42 2c 00 41 89 ca 8b 00 85 c0 75 14 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 75 c3 0f 1f 40 00 41 57 4d 89 c7 41 56 41 89 RSP: 002b:00007fff06d7fb38 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 000055e961413700 RCX: 00007fe69735c3eb RDX: 0000000000000040 RSI: 000055e961413700 RDI: 0000000000000003 RBP: 0000000000000040 R08: 000055e961410500 R09: 0000000000000010 R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff06d81260 R13: 00007fff06d7fb40 R14: 00007fff06d7fc30 R15: 000055e96140f0a0 Allocated by task 917: kasan_save_stack+0x19/0x40 __kasan_kmalloc+0x7f/0xa0 __kmalloc_node+0x139/0x280 fq_pie_init+0x555/0x8e8 [sch_fq_pie] qdisc_create+0x407/0x11b0 tc_modify_qdisc+0x3c2/0x17e0 rtnetlink_rcv_msg+0x346/0x8e0 netlink_rcv_skb+0x120/0x380 netlink_unicast+0x439/0x630 netlink_sendmsg+0x719/0xbf0 sock_sendmsg+0xe2/0x110 ____sys_sendmsg+0x5ba/0x890 ___sys_sendmsg+0xe9/0x160 __sys_sendmsg+0xd3/0x170 do_syscall_64+0x3c/0x80 entry_SYSCALL_64_after_hwframe+0x44/0xae The buggy address belongs to the object at ffff888171306800 which belongs to the cache kmalloc-256 of size 256 The buggy address is located 36 bytes to the right of 256-byte region [ffff888171306800, ffff888171306900) The buggy address belongs to the page: page:00000000bcfb624e refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x171306 head:00000000bcfb624e order:1 compound_mapcount:0 flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff) raw: 0017ffffc0010200 dead000000000100 dead000000000122 ffff888100042b40 raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff888171306800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff888171306880: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc >ffff888171306900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ^ ffff888171306980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff888171306a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fix fq_pie traffic path to avoid selecting 'q->flows + q->flows_cnt' as a valid flow: it's an address beyond the allocated memory.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-125	Out-of-bounds Read The product reads data past the end, or before the beginning, of the intended buffer.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V3.1	7.1	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H More informations Base: Exploitabilty Metrics The Exploitability metrics reflect the characteristics of the thing that is vulnerable, which we refer to formally as the vulnerable component. Attack Vector This metric reflects the context by which vulnerability exploitation is possible. Local The vulnerable component is not bound to the network stack and the attacker’s path is via read/write/execute capabilities. Attack Complexity This metric describes the conditions beyond the attacker’s control that must exist in order to exploit the vulnerability. Low Specialized access conditions or extenuating circumstances do not exist. An attacker can expect repeatable success when attacking the vulnerable component. Privileges Required This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability. Low The attacker requires privileges that provide basic user capabilities that could normally affect only settings and files owned by a user. Alternatively, an attacker with Low privileges has the ability to access only non-sensitive resources. User Interaction This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable component. None The vulnerable system can be exploited without interaction from any user. Base: Scope Metrics The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope. Scope Formally, a security authority is a mechanism (e.g., an application, an operating system, firmware, a sandbox environment) that defines and enforces access control in terms of how certain subjects/actors (e.g., human users, processes) can access certain restricted objects/resources (e.g., files, CPU, memory) in a controlled manner. All the subjects and objects under the jurisdiction of a single security authority are considered to be under one security scope. If a vulnerability in a vulnerable component can affect a component which is in a different security scope than the vulnerable component, a Scope change occurs. Intuitively, whenever the impact of a vulnerability breaches a security/trust boundary and impacts components outside the security scope in which vulnerable component resides, a Scope change occurs. Unchanged An exploited vulnerability can only affect resources managed by the same security authority. In this case, the vulnerable component and the impacted component are either the same, or both are managed by the same security authority. Base: Impact Metrics The Impact metrics capture the effects of a successfully exploited vulnerability on the component that suffers the worst outcome that is most directly and predictably associated with the attack. Analysts should constrain impacts to a reasonable, final outcome which they are confident an attacker is able to achieve. Confidentiality Impact This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability. High There is a total loss of confidentiality, resulting in all resources within the impacted component being divulged to the attacker. Alternatively, access to only some restricted information is obtained, but the disclosed information presents a direct, serious impact. For example, an attacker steals the administrator's password, or private encryption keys of a web server. Integrity Impact This metric measures the impact to integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of information. None There is no loss of integrity within the impacted component. Availability Impact This metric measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability. High There is a total loss of availability, resulting in the attacker being able to fully deny access to resources in the impacted component; this loss is either sustained (while the attacker continues to deliver the attack) or persistent (the condition persists even after the attack has completed). Alternatively, the attacker has the ability to deny some availability, but the loss of availability presents a direct, serious consequence to the impacted component (e.g., the attacker cannot disrupt existing connections, but can prevent new connections; the attacker can repeatedly exploit a vulnerability that, in each instance of a successful attack, leaks a only small amount of memory, but after repeated exploitation causes a service to become completely unavailable). Temporal Metrics The Temporal metrics measure the current state of exploit techniques or code availability, the existence of any patches or workarounds, or the confidence in the description of a vulnerability. Environmental Metrics These metrics enable the analyst to customize the CVSS score depending on the importance of the affected IT asset to a user’s organization, measured in terms of Confidentiality, Integrity, and Availability.	[email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Products Mentioned

Configuraton 0

Linux>>Linux_kernel >> Version From (including) 5.6 To (excluding) 5.10.42

Linux>>Linux_kernel >> Version 5.6 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.1 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.2 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.3 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.4 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.5 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.6 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.7-1 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.8 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.9 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.10 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.13 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.14 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.15 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.16 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.17 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.18 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.6.19 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.1 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.2 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.3 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.4 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.5 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.6 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.8 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.9 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.10 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.13 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.14 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.15 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.16 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.17 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.18 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.7.19 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.1 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.2 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.3 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.4 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.5 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.6 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.8 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.9 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.10 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.13 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.14 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.15 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.16 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.17 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.8.18 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.1 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.2 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.3 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.4 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.5 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.6 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.8 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.9 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.10 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.13 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.14 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.15 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.9.16 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.0 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.1 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.2 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.3 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.4 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.5 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.6 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.8 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.9 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.10 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.13 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.14 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.15 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.16 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.17 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.18 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.19 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.20 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.21 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.22 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.23 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.24 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.25 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.26 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.27 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.28 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.29 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.30 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.31 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.32 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.33 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.34 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.35 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.36 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.37 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.38 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.39 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.40 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.10.41 (Open CPE detail)

Linux>>Linux_kernel >> Version From (including) 5.11 To (excluding) 5.12.9

Linux>>Linux_kernel >> Version 5.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.1 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.2 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.3 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.4 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.5 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.6 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.8 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.9 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.10 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.11 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.13 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.14 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.15 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.16 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.17 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.18 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.19 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.20 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.21 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.11.22 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12.1 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12.2 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12.3 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12.4 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12.5 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12.6 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12.7 (Open CPE detail)
Linux>>Linux_kernel >> Version 5.12.8 (Open CPE detail)

Linux>>Linux_kernel >> Version 5.13

Linux>>Linux_kernel >> Version 5.13 (Open CPE detail)

Linux>>Linux_kernel >> Version 5.13

Linux>>Linux_kernel >> Version 5.13 (Open CPE detail)

Linux>>Linux_kernel >> Version 5.13

Linux>>Linux_kernel >> Version 5.13 (Open CPE detail)

References

https://git.kernel.org/stable/c/e6294c06e7c62ffdd5bf3df696d3a4fcbb753d3c
Tags : Patch

https://git.kernel.org/stable/c/7a1bdec12e43e29cc34a4394590337069d8812ce
Tags : Patch

https://git.kernel.org/stable/c/e70f7a11876a1a788ceadf75e9e5f7af2c868680
Tags : Patch

CVE-2021-47175 : Detail

CVE-2021-47175

CVE Descriptions

net/sched: fq_pie: fix OOB access in the traffic path

CVE Informations

Related Weaknesses

Metrics

Base: Exploitabilty Metrics

Base: Scope Metrics

Base: Impact Metrics

Temporal Metrics

Environmental Metrics

EPSS

EPSS Score

EPSS Percentile

Products Mentioned

Configuraton 0

References