CVE-2021-46943

In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix set_fmt error handling If there in an error during a set_fmt, do not overwrite the previous sizes with the invalid config. Without this patch, v4l2-compliance ends up allocating 4GiB of RAM and causing the following OOPs [ 38.662975] ipu3-imgu 0000:00:05.0: swiotlb buffer is full (sz: 4096 bytes) [ 38.662980] DMA: Out of SW-IOMMU space for 4096 bytes at device 0000:00:05.0 [ 38.663010] general protection fault: 0000 [#1] PREEMPT SMP
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

10 Apr 2024, 19:54

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/34892ea938387d83ffcfb7775ec55f0f80767916 - () https://git.kernel.org/stable/c/34892ea938387d83ffcfb7775ec55f0f80767916 - Patch
References () https://git.kernel.org/stable/c/6fb617e37a39db0a3eca4489431359d0bdf3b9bc - () https://git.kernel.org/stable/c/6fb617e37a39db0a3eca4489431359d0bdf3b9bc - Patch
References () https://git.kernel.org/stable/c/a03fb1e8a110658215a4cefc3e2ad53279e496a6 - () https://git.kernel.org/stable/c/a03fb1e8a110658215a4cefc3e2ad53279e496a6 - Patch
References () https://git.kernel.org/stable/c/ad91849996f9dd79741a961fd03585a683b08356 - () https://git.kernel.org/stable/c/ad91849996f9dd79741a961fd03585a683b08356 - Patch
References () https://git.kernel.org/stable/c/c6b81b897f6f9445d57f8d47c4e060ec21556137 - () https://git.kernel.org/stable/c/c6b81b897f6f9445d57f8d47c4e060ec21556137 - Patch
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CWE CWE-131
First Time Linux linux Kernel
Linux
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8

28 Feb 2024, 14:06

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: medios: staging/intel-ipu3: Corrija el manejo de errores set_fmt Si ocurre un error durante un set_fmt, no sobrescriba los tamaños anteriores con la configuración no válida. Sin este parche, el cumplimiento de v4l2 termina asignando 4 GiB de RAM y provocando los siguientes OOP [38.662975] ipu3-imgu 0000:00:05.0: el búfer swiotlb está lleno (sz: 4096 bytes) [38.662980] DMA: Fuera de SW-IOMMU espacio para 4096 bytes en el dispositivo 0000:00:05.0 [38.663010] falla de protección general: 0000 [#1] PREEMPT SMP

27 Feb 2024, 19:04

Type Values Removed Values Added
New CVE

Information

Published : 2024-02-27 19:04

Updated : 2024-04-10 19:54


NVD link : CVE-2021-46943

Mitre link : CVE-2021-46943

CVE.ORG link : CVE-2021-46943


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-131

Incorrect Calculation of Buffer Size