CVE-2021-47548

Summary
Assigner: Linux
Assigner Org ID: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At: 24 May, 2024 | 15:09
Updated At: 04 May, 2025 | 07:13

ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()

In the Linux kernel, the following vulnerability has been resolved:

ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()

The if statement:

    if (port >= DSAF_GE_NUM)
        return;

limits the value of port to less than DSAF_GE_NUM (i.e., 8). However, if the value of port is 6 or 7, an array overflow could occur:

    port_rst_off = dsaf_dev->mac_cb[port]->port_rst_off;

because the length of dsaf_dev->mac_cb is DSAF_MAX_PORT_NUM (i.e., 6).

To fix this possible array overflow, we first check port and if it is greater than or equal to DSAF_MAX_PORT_NUM, the function returns.

▼Common Vulnerabilities and Exposures (CVE)
cve.org
▼CVE Numbering Authority (CNA)
Affected Products
Vendor: Linux Kernel Organization, Inc (Linux)
Product: Linux
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/net/ethernet/hisilicon/hns/hns_dsaf_misc.c
Default Status: unaffected
Versions
Affected
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 948968f8747650447c8f21c9fdba0e1973be040b (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before abbd5faa0748d0aa95d5191d56ff7a17a6275bd1 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before dd07f8971b81ad98cc754b179b331b57f35aa1ff (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 99bb25cb6753beaf2c2bc37927c2ecc0ceff3f6d (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 22519eff7df2d88adcc2568d86046ce1e2b52803 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before fc7ffa7f10b9454a86369405d9814bf141b30627 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before a66998e0fbf213d47d02813b9679426129d0d114 (git)
Vendor: Linux Kernel Organization, Inc (Linux)
Product: Linux
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/net/ethernet/hisilicon/hns/hns_dsaf_misc.c
Default Status: affected
Versions
Unaffected
  • From 4.9.292 through 4.9.* (semver)
  • From 4.14.257 through 4.14.* (semver)
  • From 4.19.220 through 4.19.* (semver)
  • From 5.4.164 through 5.4.* (semver)
  • From 5.10.84 through 5.10.* (semver)
  • From 5.15.7 through 5.15.* (semver)
  • From 5.16 through * (original_commit_for_fix)
References
  • https://git.kernel.org/stable/c/948968f8747650447c8f21c9fdba0e1973be040b
  • https://git.kernel.org/stable/c/abbd5faa0748d0aa95d5191d56ff7a17a6275bd1
  • https://git.kernel.org/stable/c/dd07f8971b81ad98cc754b179b331b57f35aa1ff
  • https://git.kernel.org/stable/c/99bb25cb6753beaf2c2bc37927c2ecc0ceff3f6d
  • https://git.kernel.org/stable/c/22519eff7df2d88adcc2568d86046ce1e2b52803
  • https://git.kernel.org/stable/c/fc7ffa7f10b9454a86369405d9814bf141b30627
  • https://git.kernel.org/stable/c/a66998e0fbf213d47d02813b9679426129d0d114
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor: Linux Kernel Organization, Inc (linux)
Product: linux_kernel
Default Status: unknown
CPE: cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (all entries except where noted)
Versions
Affected
  • From 1da177e4c3f4 before 948968f87476 (custom)
  • From 1da177e4c3f4 before abbd5faa0748 (custom)
  • From 1da177e4c3f4 before dd07f8971b81 (custom)
  • From 1da177e4c3f4 before 99bb25cb6753 (custom)
  • From 1da177e4c3f4 before 22519eff7df2 (custom)
  • From 1da177e4c3f4 before fc7ffa7f10b9 (custom)
  • From 1da177e4c3f4 before a66998e0fbf2 (custom)
Unaffected
  • From 4.9.292 through 4.9.* (custom)
  • From 4.14.257 through 4.14* (custom)
  • From 4.19.220 through 4.19.* (custom)
  • From 5.4.164 through 5.4.* (custom)
  • From 5.10.84 through 5.10.* (custom) [CPE: cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*]
  • From 5.15.7 through 5.15.* (custom)
  • 5.16
Problem Types
Type: CWE
CWE ID: CWE-129
Description: CWE-129 Improper Validation of Array Index
Metrics
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2. CVE Program Container
References
  • https://git.kernel.org/stable/c/948968f8747650447c8f21c9fdba0e1973be040b (x_transferred)
  • https://git.kernel.org/stable/c/abbd5faa0748d0aa95d5191d56ff7a17a6275bd1 (x_transferred)
  • https://git.kernel.org/stable/c/dd07f8971b81ad98cc754b179b331b57f35aa1ff (x_transferred)
  • https://git.kernel.org/stable/c/99bb25cb6753beaf2c2bc37927c2ecc0ceff3f6d (x_transferred)
  • https://git.kernel.org/stable/c/22519eff7df2d88adcc2568d86046ce1e2b52803 (x_transferred)
  • https://git.kernel.org/stable/c/fc7ffa7f10b9454a86369405d9814bf141b30627 (x_transferred)
  • https://git.kernel.org/stable/c/a66998e0fbf213d47d02813b9679426129d0d114 (x_transferred)
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At: 24 May, 2024 | 15:15
Updated At: 01 Apr, 2025 | 18:42

Metrics
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches

Vendor: Linux Kernel Organization, Inc (linux)
Product: linux_kernel
  • Versions before 4.9.292 (exclusive): cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • Versions from 4.10 (inclusive) to 4.14.257 (exclusive): cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • Versions from 4.15 (inclusive) to 4.19.220 (exclusive): cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • Versions from 4.20 (inclusive) to 5.4.164 (exclusive): cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • Versions from 5.5 (inclusive) to 5.10.84 (exclusive): cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • Versions from 5.11 (inclusive) to 5.15.7 (exclusive): cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • 5.16: cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*
Weaknesses
CWE ID: CWE-129
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
References
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (Resource: Patch)
  • https://git.kernel.org/stable/c/22519eff7df2d88adcc2568d86046ce1e2b52803
  • https://git.kernel.org/stable/c/948968f8747650447c8f21c9fdba0e1973be040b
  • https://git.kernel.org/stable/c/99bb25cb6753beaf2c2bc37927c2ecc0ceff3f6d
  • https://git.kernel.org/stable/c/a66998e0fbf213d47d02813b9679426129d0d114
  • https://git.kernel.org/stable/c/abbd5faa0748d0aa95d5191d56ff7a17a6275bd1
  • https://git.kernel.org/stable/c/dd07f8971b81ad98cc754b179b331b57f35aa1ff
  • https://git.kernel.org/stable/c/fc7ffa7f10b9454a86369405d9814bf141b30627
Source: af854a3a-2127-422b-91ae-364da2661108 (Resource: Patch)
  • https://git.kernel.org/stable/c/22519eff7df2d88adcc2568d86046ce1e2b52803
  • https://git.kernel.org/stable/c/948968f8747650447c8f21c9fdba0e1973be040b
  • https://git.kernel.org/stable/c/99bb25cb6753beaf2c2bc37927c2ecc0ceff3f6d
  • https://git.kernel.org/stable/c/a66998e0fbf213d47d02813b9679426129d0d114
  • https://git.kernel.org/stable/c/abbd5faa0748d0aa95d5191d56ff7a17a6275bd1
  • https://git.kernel.org/stable/c/dd07f8971b81ad98cc754b179b331b57f35aa1ff
  • https://git.kernel.org/stable/c/fc7ffa7f10b9454a86369405d9814bf141b30627
