Vulnerability-Lookup

CVE-2021-47336 (GCVE-0-2021-47336)

Vulnerability from cvelistv5 – Published: 2024-05-21 14:35 – Updated: 2025-12-18 11:36

Title

smackfs: restrict bytes count in smk_set_cipso()

Summary

In the Linux kernel, the following vulnerability has been resolved: smackfs: restrict bytes count in smk_set_cipso() Oops, I failed to update subject line. From 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001 Date: Mon, 12 Apr 2021 22:25:06 +0900 Subject: [PATCH] smackfs: restrict bytes count in smk_set_cipso() Commit 7ef4c19d245f3dc2 ("smackfs: restrict bytes count in smackfs write functions") missed that count > SMK_CIPSOMAX check applies to only format == SMK_FIXED24_FMT case.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/5f9880403e6b71d56…
	https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2d…
	https://git.kernel.org/stable/c/cbd87ba6a13891acf…
	https://git.kernel.org/stable/c/135122f174c357b7a…
	https://git.kernel.org/stable/c/3780348c1a0e14ffe…
	https://git.kernel.org/stable/c/8f5c773a2871cf446…
	https://git.kernel.org/stable/c/258fd821f69378453…
	https://git.kernel.org/stable/c/49ec114a6e62d8d32…

Impacted products

Vendor

Product

Version

Linux

Affected: f7112e6c9abf1c70f001dcf097c1d6e218a93f5c , < 5f9880403e6b71d56924748ba331daf836243fca (git)
Affected: f7112e6c9abf1c70f001dcf097c1d6e218a93f5c , < 5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2 (git)
Affected: f7112e6c9abf1c70f001dcf097c1d6e218a93f5c , < cbd87ba6a13891acf6180783f8234a8b7a3e3d4d (git)
Affected: f7112e6c9abf1c70f001dcf097c1d6e218a93f5c , < 135122f174c357b7a3e58f40fa5792156c5e93e6 (git)
Affected: f7112e6c9abf1c70f001dcf097c1d6e218a93f5c , < 3780348c1a0e14ffefcaf1fc521f815bcaac94b0 (git)
Affected: f7112e6c9abf1c70f001dcf097c1d6e218a93f5c , < 8f5c773a2871cf446e3f36b2834fb25bbb28512b (git)
Affected: f7112e6c9abf1c70f001dcf097c1d6e218a93f5c , < 258fd821f69378453c071b9dd767b298810fc766 (git)
Affected: f7112e6c9abf1c70f001dcf097c1d6e218a93f5c , < 49ec114a6e62d8d320037ce71c1aaf9650b3cafd (git)

Linux

Affected: 3.5
Unaffected: 0 , < 3.5 (semver)
Unaffected: 4.9.276 , ≤ 4.9.* (semver)
Unaffected: 4.14.240 , ≤ 4.14.* (semver)
Unaffected: 4.19.198 , ≤ 4.19.* (semver)
Unaffected: 5.4.133 , ≤ 5.4.* (semver)
Unaffected: 5.10.51 , ≤ 5.10.* (semver)
Unaffected: 5.12.18 , ≤ 5.12.* (semver)
Unaffected: 5.13.3 , ≤ 5.13.* (semver)
Unaffected: 5.14 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47336",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:44:23.247823Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:53.067Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.568Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "security/smack/smackfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5f9880403e6b71d56924748ba331daf836243fca",
              "status": "affected",
              "version": "f7112e6c9abf1c70f001dcf097c1d6e218a93f5c",
              "versionType": "git"
            },
            {
              "lessThan": "5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2",
              "status": "affected",
              "version": "f7112e6c9abf1c70f001dcf097c1d6e218a93f5c",
              "versionType": "git"
            },
            {
              "lessThan": "cbd87ba6a13891acf6180783f8234a8b7a3e3d4d",
              "status": "affected",
              "version": "f7112e6c9abf1c70f001dcf097c1d6e218a93f5c",
              "versionType": "git"
            },
            {
              "lessThan": "135122f174c357b7a3e58f40fa5792156c5e93e6",
              "status": "affected",
              "version": "f7112e6c9abf1c70f001dcf097c1d6e218a93f5c",
              "versionType": "git"
            },
            {
              "lessThan": "3780348c1a0e14ffefcaf1fc521f815bcaac94b0",
              "status": "affected",
              "version": "f7112e6c9abf1c70f001dcf097c1d6e218a93f5c",
              "versionType": "git"
            },
            {
              "lessThan": "8f5c773a2871cf446e3f36b2834fb25bbb28512b",
              "status": "affected",
              "version": "f7112e6c9abf1c70f001dcf097c1d6e218a93f5c",
              "versionType": "git"
            },
            {
              "lessThan": "258fd821f69378453c071b9dd767b298810fc766",
              "status": "affected",
              "version": "f7112e6c9abf1c70f001dcf097c1d6e218a93f5c",
              "versionType": "git"
            },
            {
              "lessThan": "49ec114a6e62d8d320037ce71c1aaf9650b3cafd",
              "status": "affected",
              "version": "f7112e6c9abf1c70f001dcf097c1d6e218a93f5c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "security/smack/smackfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.5"
            },
            {
              "lessThan": "3.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.276",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.240",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.198",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.133",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.51",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.13.*",
              "status": "unaffected",
              "version": "5.13.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.276",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.240",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.198",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.133",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.51",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12.18",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13.3",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.14",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmackfs: restrict bytes count in smk_set_cipso()\n\nOops, I failed to update subject line.\n\nFrom 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001\nDate: Mon, 12 Apr 2021 22:25:06 +0900\nSubject: [PATCH] smackfs: restrict bytes count in smk_set_cipso()\n\nCommit 7ef4c19d245f3dc2 (\"smackfs: restrict bytes count in smackfs write\nfunctions\") missed that count \u003e SMK_CIPSOMAX check applies to only\nformat == SMK_FIXED24_FMT case."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-18T11:36:57.757Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca"
        },
        {
          "url": "https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2"
        },
        {
          "url": "https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d"
        },
        {
          "url": "https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6"
        },
        {
          "url": "https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0"
        },
        {
          "url": "https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b"
        },
        {
          "url": "https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766"
        },
        {
          "url": "https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd"
        }
      ],
      "title": "smackfs: restrict bytes count in smk_set_cipso()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47336",
    "datePublished": "2024-05-21T14:35:45.744Z",
    "dateReserved": "2024-05-21T14:28:16.978Z",
    "dateUpdated": "2025-12-18T11:36:57.757Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nsmackfs: restrict bytes count in smk_set_cipso()\\n\\nOops, I failed to update subject line.\\n\\nFrom 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001\\nDate: Mon, 12 Apr 2021 22:25:06 +0900\\nSubject: [PATCH] smackfs: restrict bytes count in smk_set_cipso()\\n\\nCommit 7ef4c19d245f3dc2 (\\\"smackfs: restrict bytes count in smackfs write\\nfunctions\\\") missed that count \u003e SMK_CIPSOMAX check applies to only\\nformat == SMK_FIXED24_FMT case.\"}, {\"lang\": \"es\", \"value\": \" En el kernel de Linux, se resolvi\\u00f3 la siguiente vulnerabilidad: smackfs: restringir el recuento de bytes en smk_set_cipso() Oops, no pude actualizar la l\\u00ednea de asunto. De 07571157c91b98ce1a4aa70967531e64b78e8346 lunes 17 de septiembre 00:00:00 2001 Fecha: lunes 12 de abril de 2021 22:25:06 +0900 Asunto: [PATCH] smackfs: restringir el recuento de bytes en smk_set_cipso() Confirmaci\\u00f3n 7ef4c1 9d245f3dc2 (\\\"smackfs: restringir el recuento de bytes en smackfs funciones de escritura\\\") perdi\\u00f3 ese recuento \u0026gt; La verificaci\\u00f3n SMK_CIPSOMAX se aplica solo al formato == caso SMK_FIXED24_FMT.\"}]",
      "id": "CVE-2021-47336",
      "lastModified": "2024-11-21T06:35:54.710",
      "published": "2024-05-21T15:15:20.437",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Awaiting Analysis"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-47336\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-21T15:15:20.437\",\"lastModified\":\"2025-05-12T19:58:43.413\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nsmackfs: restrict bytes count in smk_set_cipso()\\n\\nOops, I failed to update subject line.\\n\\nFrom 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001\\nDate: Mon, 12 Apr 2021 22:25:06 +0900\\nSubject: [PATCH] smackfs: restrict bytes count in smk_set_cipso()\\n\\nCommit 7ef4c19d245f3dc2 (\\\"smackfs: restrict bytes count in smackfs write\\nfunctions\\\") missed that count \u003e SMK_CIPSOMAX check applies to only\\nformat == SMK_FIXED24_FMT case.\"},{\"lang\":\"es\",\"value\":\" En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: smackfs: restringir el recuento de bytes en smk_set_cipso() Oops, no pude actualizar la l\u00ednea de asunto. De 07571157c91b98ce1a4aa70967531e64b78e8346 lunes 17 de septiembre 00:00:00 2001 Fecha: lunes 12 de abril de 2021 22:25:06 +0900 Asunto: [PATCH] smackfs: restringir el recuento de bytes en smk_set_cipso() Confirmaci\u00f3n 7ef4c1 9d245f3dc2 (\\\"smackfs: restringir el recuento de bytes en smackfs funciones de escritura\\\") perdi\u00f3 ese recuento \u0026gt; La verificaci\u00f3n SMK_CIPSOMAX se aplica solo al formato == caso SMK_FIXED24_FMT.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.9.276\",\"matchCriteriaId\":\"E29241F7-82A8-4B5A-B9C9-1B8A6F470DBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.240\",\"matchCriteriaId\":\"FB359B2E-773D-4D52-9915-E07A47ABE72B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.198\",\"matchCriteriaId\":\"B93AEDB9-C52B-4222-8F9A-882DAD9EF5B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.133\",\"matchCriteriaId\":\"65A8F1FF-5639-455A-8BF4-9FF529240505\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.51\",\"matchCriteriaId\":\"93289127-DFB3-4515-89DD-50521FF8B7FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.12.18\",\"matchCriteriaId\":\"79D13C82-E06F-4A70-A3D1-C09494FBC94D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.13\",\"versionEndExcluding\":\"5.13.3\",\"matchCriteriaId\":\"853187F6-707A-487B-95C0-621B5211B43C\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T05:32:08.568Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-47336\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-21T18:44:23.247823Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:25.467Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"smackfs: restrict bytes count in smk_set_cipso()\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"f7112e6c9abf1c70f001dcf097c1d6e218a93f5c\", \"lessThan\": \"5f9880403e6b71d56924748ba331daf836243fca\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"f7112e6c9abf1c70f001dcf097c1d6e218a93f5c\", \"lessThan\": \"5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"f7112e6c9abf1c70f001dcf097c1d6e218a93f5c\", \"lessThan\": \"cbd87ba6a13891acf6180783f8234a8b7a3e3d4d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"f7112e6c9abf1c70f001dcf097c1d6e218a93f5c\", \"lessThan\": \"135122f174c357b7a3e58f40fa5792156c5e93e6\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"f7112e6c9abf1c70f001dcf097c1d6e218a93f5c\", \"lessThan\": \"3780348c1a0e14ffefcaf1fc521f815bcaac94b0\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"f7112e6c9abf1c70f001dcf097c1d6e218a93f5c\", \"lessThan\": \"8f5c773a2871cf446e3f36b2834fb25bbb28512b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"f7112e6c9abf1c70f001dcf097c1d6e218a93f5c\", \"lessThan\": \"258fd821f69378453c071b9dd767b298810fc766\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"f7112e6c9abf1c70f001dcf097c1d6e218a93f5c\", \"lessThan\": \"49ec114a6e62d8d320037ce71c1aaf9650b3cafd\", \"versionType\": \"git\"}], \"programFiles\": [\"security/smack/smackfs.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.5\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"3.5\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.9.276\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.9.*\"}, {\"status\": \"unaffected\", \"version\": \"4.14.240\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.14.*\"}, {\"status\": \"unaffected\", \"version\": \"4.19.198\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.133\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.51\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.12.18\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.12.*\"}, {\"status\": \"unaffected\", \"version\": \"5.13.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.13.*\"}, {\"status\": \"unaffected\", \"version\": \"5.14\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"security/smack/smackfs.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca\"}, {\"url\": \"https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2\"}, {\"url\": \"https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d\"}, {\"url\": \"https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6\"}, {\"url\": \"https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0\"}, {\"url\": \"https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b\"}, {\"url\": \"https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766\"}, {\"url\": \"https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nsmackfs: restrict bytes count in smk_set_cipso()\\n\\nOops, I failed to update subject line.\\n\\nFrom 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001\\nDate: Mon, 12 Apr 2021 22:25:06 +0900\\nSubject: [PATCH] smackfs: restrict bytes count in smk_set_cipso()\\n\\nCommit 7ef4c19d245f3dc2 (\\\"smackfs: restrict bytes count in smackfs write\\nfunctions\\\") missed that count \u003e SMK_CIPSOMAX check applies to only\\nformat == SMK_FIXED24_FMT case.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.9.276\", \"versionStartIncluding\": \"3.5\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.14.240\", \"versionStartIncluding\": \"3.5\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.19.198\", \"versionStartIncluding\": \"3.5\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.133\", \"versionStartIncluding\": \"3.5\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.51\", \"versionStartIncluding\": \"3.5\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.12.18\", \"versionStartIncluding\": \"3.5\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.13.3\", \"versionStartIncluding\": \"3.5\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.14\", \"versionStartIncluding\": \"3.5\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-12-18T11:36:57.757Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-47336\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-18T11:36:57.757Z\", \"dateReserved\": \"2024-05-21T14:28:16.978Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-05-21T14:35:45.744Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

BDU:2025-14610

Vulnerability from fstec - Published: 12.04.2021

Title

Уязвимость функции smk_set_cipso() модуля security/smack/smackfs.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции smk_set_cipso() модуля security/smack/smackfs.c ядра операционной системы Linux связана с недостаточной проверкой входных данных. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor

Canonical Ltd., Сообщество свободного программного обеспечения, Fedora Project

Software Name

Ubuntu, Debian GNU/Linux, Linux, Fedora

Software Version

14.04 LTS (Ubuntu), 16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 10 (Debian GNU/Linux), 20.04 LTS (Ubuntu), 11 (Debian GNU/Linux), от 4.10 до 4.14.239 включительно (Linux), от 4.15 до 4.19.197 включительно (Linux), от 4.20 до 5.4.132 включительно (Linux), от 5.5 до 5.10.50 включительно (Linux), от 5.11 до 5.12.17 включительно (Linux), 40 (Fedora), от 5.13 до 5.13.2 включительно (Linux), от 2.6.12 до 4.9.275 включительно (Linux)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Linux: https://lore.kernel.org/linux-cve-announce/2024052136-CVE-2021-47336-b6a7@gregkh/ https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2 https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6 https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0 https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766 https://git.kernel.org/linus/49ec114a6e62d8d320037ce71c1aaf9650b3cafd Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2021-47336 Для Ubuntu: https://ubuntu.com/security/CVE-2021-47336 Для Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=2292133

Reference

https://www.cve.org/CVERecord?id=CVE-2021-47336 https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2 https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6 https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0 https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766 https://lore.kernel.org/linux-cve-announce/2024052136-CVE-2021-47336-b6a7@gregkh/ https://git.kernel.org/linus/49ec114a6e62d8d320037ce71c1aaf9650b3cafd https://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1&id=3780348c1a0e14ffefcaf1fc521f815bcaac94b0 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.276 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.240 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.198 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.133 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.51 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.18 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3 https://bugzilla.redhat.com/show_bug.cgi?id=2292133 https://ubuntu.com/security/CVE-2021-47336 https://security-tracker.debian.org/tracker/CVE-2021-47336

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Fedora Project",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "14.04 LTS (Ubuntu), 16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 10 (Debian GNU/Linux), 20.04 LTS (Ubuntu), 11 (Debian GNU/Linux), \u043e\u0442 4.10 \u0434\u043e 4.14.239 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.15 \u0434\u043e 4.19.197 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.20 \u0434\u043e 5.4.132 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.5 \u0434\u043e 5.10.50 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.11 \u0434\u043e 5.12.17 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), 40 (Fedora), \u043e\u0442 5.13 \u0434\u043e 5.13.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 2.6.12 \u0434\u043e 4.9.275 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\n\u0414\u043b\u044f Linux:\nhttps://lore.kernel.org/linux-cve-announce/2024052136-CVE-2021-47336-b6a7@gregkh/\nhttps://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca\nhttps://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2\nhttps://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d\nhttps://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6\nhttps://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0\nhttps://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b\nhttps://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766\nhttps://git.kernel.org/linus/49ec114a6e62d8d320037ce71c1aaf9650b3cafd\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2021-47336\n\n\u0414\u043b\u044f Ubuntu:\nhttps://ubuntu.com/security/CVE-2021-47336\n\n\u0414\u043b\u044f Fedora:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2292133",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "12.04.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.11.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "24.11.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-14610",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-47336",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Debian GNU/Linux, Linux, Fedora",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 14.04 LTS , Canonical Ltd. Ubuntu 16.04 LTS , Canonical Ltd. Ubuntu 18.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Canonical Ltd. Ubuntu 20.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.10 \u0434\u043e 4.14.239 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.15 \u0434\u043e 4.19.197 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.20 \u0434\u043e 5.4.132 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.5 \u0434\u043e 5.10.50 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.11 \u0434\u043e 5.12.17 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , Fedora Project Fedora 40 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.13 \u0434\u043e 5.13.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 2.6.12 \u0434\u043e 4.9.275 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 smk_set_cipso() \u043c\u043e\u0434\u0443\u043b\u044f security/smack/smackfs.c \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 smk_set_cipso() \u043c\u043e\u0434\u0443\u043b\u044f security/smack/smackfs.c \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.cve.org/CVERecord?id=CVE-2021-47336\nhttps://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca\nhttps://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2\nhttps://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d\nhttps://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6\nhttps://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0\nhttps://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b\nhttps://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766\nhttps://lore.kernel.org/linux-cve-announce/2024052136-CVE-2021-47336-b6a7@gregkh/\nhttps://git.kernel.org/linus/49ec114a6e62d8d320037ce71c1aaf9650b3cafd\nhttps://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1\u0026id=3780348c1a0e14ffefcaf1fc521f815bcaac94b0\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.276\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.240\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.198\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.133\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.51\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.18\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2292133\nhttps://ubuntu.com/security/CVE-2021-47336\nhttps://security-tracker.debian.org/tracker/CVE-2021-47336",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}

GHSA-H3HV-FPF3-C5JM

Vulnerability from github – Published: 2024-05-21 15:31 – Updated: 2025-05-12 21:30

Details

In the Linux kernel, the following vulnerability has been resolved:

smackfs: restrict bytes count in smk_set_cipso()

Oops, I failed to update subject line.

From 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001 Date: Mon, 12 Apr 2021 22:25:06 +0900 Subject: [PATCH] smackfs: restrict bytes count in smk_set_cipso()

Commit 7ef4c19d245f3dc2 ("smackfs: restrict bytes count in smackfs write functions") missed that count > SMK_CIPSOMAX check applies to only format == SMK_FIXED24_FMT case.

Severity ?

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-47336"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-21T15:15:20Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmackfs: restrict bytes count in smk_set_cipso()\n\nOops, I failed to update subject line.\n\nFrom 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001\nDate: Mon, 12 Apr 2021 22:25:06 +0900\nSubject: [PATCH] smackfs: restrict bytes count in smk_set_cipso()\n\nCommit 7ef4c19d245f3dc2 (\"smackfs: restrict bytes count in smackfs write\nfunctions\") missed that count \u003e SMK_CIPSOMAX check applies to only\nformat == SMK_FIXED24_FMT case.",
  "id": "GHSA-h3hv-fpf3-c5jm",
  "modified": "2025-05-12T21:30:55Z",
  "published": "2024-05-21T15:31:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47336"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2021-47336

Vulnerability from fkie_nvd - Published: 2024-05-21 15:15 - Updated: 2025-05-12 19:58

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b	Patch
af854a3a-2127-422b-91ae-364da2661108	https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d	Patch

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E29241F7-82A8-4B5A-B9C9-1B8A6F470DBA",
              "versionEndExcluding": "4.9.276",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB359B2E-773D-4D52-9915-E07A47ABE72B",
              "versionEndExcluding": "4.14.240",
              "versionStartIncluding": "4.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B93AEDB9-C52B-4222-8F9A-882DAD9EF5B2",
              "versionEndExcluding": "4.19.198",
              "versionStartIncluding": "4.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65A8F1FF-5639-455A-8BF4-9FF529240505",
              "versionEndExcluding": "5.4.133",
              "versionStartIncluding": "4.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93289127-DFB3-4515-89DD-50521FF8B7FF",
              "versionEndExcluding": "5.10.51",
              "versionStartIncluding": "5.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79D13C82-E06F-4A70-A3D1-C09494FBC94D",
              "versionEndExcluding": "5.12.18",
              "versionStartIncluding": "5.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "853187F6-707A-487B-95C0-621B5211B43C",
              "versionEndExcluding": "5.13.3",
              "versionStartIncluding": "5.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmackfs: restrict bytes count in smk_set_cipso()\n\nOops, I failed to update subject line.\n\nFrom 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001\nDate: Mon, 12 Apr 2021 22:25:06 +0900\nSubject: [PATCH] smackfs: restrict bytes count in smk_set_cipso()\n\nCommit 7ef4c19d245f3dc2 (\"smackfs: restrict bytes count in smackfs write\nfunctions\") missed that count \u003e SMK_CIPSOMAX check applies to only\nformat == SMK_FIXED24_FMT case."
    },
    {
      "lang": "es",
      "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: smackfs: restringir el recuento de bytes en smk_set_cipso() Oops, no pude actualizar la l\u00ednea de asunto. De 07571157c91b98ce1a4aa70967531e64b78e8346 lunes 17 de septiembre 00:00:00 2001 Fecha: lunes 12 de abril de 2021 22:25:06 +0900 Asunto: [PATCH] smackfs: restringir el recuento de bytes en smk_set_cipso() Confirmaci\u00f3n 7ef4c1 9d245f3dc2 (\"smackfs: restringir el recuento de bytes en smackfs funciones de escritura\") perdi\u00f3 ese recuento \u0026gt; La verificaci\u00f3n SMK_CIPSOMAX se aplica solo al formato == caso SMK_FIXED24_FMT."
    }
  ],
  "id": "CVE-2021-47336",
  "lastModified": "2025-05-12T19:58:43.413",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-05-21T15:15:20.437",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-47336 (GCVE-0-2021-47336)

BDU:2025-14610

GHSA-H3HV-FPF3-C5JM

FKIE_CVE-2021-47336

Tags

Sightings

Nomenclature