CVE-2021-42739

The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:starwindsoftware:starwind_san_\&_nas:v8r12:*:*:*:*:*:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8r13:14338:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*

History

21 Nov 2024, 06:28

Type Values Removed Values Added
References () https://bugzilla.redhat.com/show_bug.cgi?id=1951739 - Issue Tracking, Mitigation, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=1951739 - Issue Tracking, Mitigation, Third Party Advisory
References () https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35d2969ea3c7d32aee78066b1f3cf61a0d935a4e - () https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35d2969ea3c7d32aee78066b1f3cf61a0d935a4e -
References () https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ%40mwanda/ - () https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ%40mwanda/ -
References () https://seclists.org/oss-sec/2021/q2/46 - () https://seclists.org/oss-sec/2021/q2/46 -
References () https://www.oracle.com/security-alerts/cpujul2022.html - Patch, Third Party Advisory () https://www.oracle.com/security-alerts/cpujul2022.html - Patch, Third Party Advisory
References () https://www.starwindsoftware.com/security/sw-20220804-0001/ - Third Party Advisory () https://www.starwindsoftware.com/security/sw-20220804-0001/ - Third Party Advisory

24 Mar 2024, 23:15

Type Values Removed Values Added
Summary (en) A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (en) The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
References
  • () https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35d2969ea3c7d32aee78066b1f3cf61a0d935a4e -
  • () https://seclists.org/oss-sec/2021/q2/46 -

07 Nov 2022, 19:04

Type Values Removed Values Added
CPE cpe:2.3:a:starwindsoftware:starwind_virtual_san:v18r13:14338:*:*:*:*:*:* cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8r13:14338:*:*:*:*:*:*

25 Oct 2022, 16:43

Type Values Removed Values Added
CPE cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v18r13:14338:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
cpe:2.3:a:starwindsoftware:starwind_san_\&_nas:v8r12:*:*:*:*:*:*:*
References (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Patch, Third Party Advisory
References (MISC) https://www.starwindsoftware.com/security/sw-20220804-0001/ - (MISC) https://www.starwindsoftware.com/security/sw-20220804-0001/ - Third Party Advisory
References (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1951739 - Mitigation, Third Party Advisory (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1951739 - Issue Tracking, Mitigation, Third Party Advisory

11 Oct 2022, 22:15

Type Values Removed Values Added
References
  • (MISC) https://www.starwindsoftware.com/security/sw-20220804-0001/ -

25 Jul 2022, 18:17

Type Values Removed Values Added
References
  • (N/A) https://www.oracle.com/security-alerts/cpujul2022.html -

06 Apr 2022, 14:12

Type Values Removed Values Added
CPE cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
References (MISC) https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ@mwanda/ - (MISC) https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ@mwanda/ - Patch, Vendor Advisory
References (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1951739 - (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1951739 - Mitigation, Third Party Advisory

01 Apr 2022, 23:15

Type Values Removed Values Added
References
  • {'url': 'https://www.debian.org/security/2022/dsa-5096', 'name': 'DSA-5096', 'tags': [], 'refsource': 'DEBIAN'}
  • {'url': 'https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html', 'name': '[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EHZNHNHRLPC2NJKUDS5PJG5AGRYJVJN/', 'name': 'FEDORA-2021-fdef34e26f', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://seclists.org/oss-sec/2021/q2/46', 'name': 'https://seclists.org/oss-sec/2021/q2/46', 'tags': ['Exploit', 'Mailing List', 'Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AOWGMZ2MJFUGNA5QSD5JF4QHIC4URATS/', 'name': 'FEDORA-2021-7de33b7016', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://security.netapp.com/advisory/ntap-20211118-0001/', 'name': 'https://security.netapp.com/advisory/ntap-20211118-0001/', 'tags': ['Third Party Advisory'], 'refsource': 'CONFIRM'}
  • {'url': 'https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35d2969ea3c7d32aee78066b1f3cf61a0d935a4e', 'name': 'https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35d2969ea3c7d32aee78066b1f3cf61a0d935a4e', 'tags': ['Mailing List', 'Patch', 'Third Party Advisory', 'Vendor Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html', 'name': '[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKMQEOEESIO3GMHAOL3NYS36FER6UTWA/', 'name': 'FEDORA-2021-8364530ebf', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • (MISC) https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ@mwanda/ -
  • (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1951739 -
Summary The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

10 Mar 2022, 17:44

Type Values Removed Values Added
References
  • (DEBIAN) https://www.debian.org/security/2022/dsa-5096 -
  • (MLIST) https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html -

17 Dec 2021, 01:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html -

18 Nov 2021, 16:00

Type Values Removed Values Added
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKMQEOEESIO3GMHAOL3NYS36FER6UTWA/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKMQEOEESIO3GMHAOL3NYS36FER6UTWA/ - Mailing List, Third Party Advisory
References (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35d2969ea3c7d32aee78066b1f3cf61a0d935a4e - Mailing List, Patch, Vendor Advisory (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35d2969ea3c7d32aee78066b1f3cf61a0d935a4e - Mailing List, Patch, Third Party Advisory, Vendor Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20211118-0001/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20211118-0001/ - Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AOWGMZ2MJFUGNA5QSD5JF4QHIC4URATS/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AOWGMZ2MJFUGNA5QSD5JF4QHIC4URATS/ - Mailing List, Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EHZNHNHRLPC2NJKUDS5PJG5AGRYJVJN/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EHZNHNHRLPC2NJKUDS5PJG5AGRYJVJN/ - Mailing List, Third Party Advisory
CVSS v2 : 4.6
v3 : 7.8
v2 : 4.6
v3 : 6.7
CPE cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

18 Nov 2021, 08:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20211118-0001/ -

14 Nov 2021, 06:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AOWGMZ2MJFUGNA5QSD5JF4QHIC4URATS/ -
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKMQEOEESIO3GMHAOL3NYS36FER6UTWA/ -
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6EHZNHNHRLPC2NJKUDS5PJG5AGRYJVJN/ -

26 Oct 2021, 18:57

Type Values Removed Values Added
CWE CWE-787
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
References (MISC) https://seclists.org/oss-sec/2021/q2/46 - (MISC) https://seclists.org/oss-sec/2021/q2/46 - Exploit, Mailing List, Patch, Third Party Advisory
References (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35d2969ea3c7d32aee78066b1f3cf61a0d935a4e - (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35d2969ea3c7d32aee78066b1f3cf61a0d935a4e - Mailing List, Patch, Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 4.6
v3 : 7.8

20 Oct 2021, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-10-20 07:15

Updated : 2024-11-21 06:28


NVD link : CVE-2021-42739

Mitre link : CVE-2021-42739

CVE.ORG link : CVE-2021-42739


JSON object : View

Products Affected

starwindsoftware

  • starwind_virtual_san
  • starwind_san_\&_nas

linux

  • linux_kernel

oracle

  • communications_cloud_native_core_policy
  • communications_cloud_native_core_binding_support_function
  • communications_cloud_native_core_network_exposure_function

debian

  • debian_linux

fedoraproject

  • fedora
CWE
CWE-787

Out-of-bounds Write