vulnerability

Ubuntu: (CVE-2021-47159): linux vulnerability

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Mar 25, 2024
Added
Nov 19, 2024
Modified
Jul 16, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

net: dsa: fix a crash if ->get_sset_count() fails

If ds->ops->get_sset_count() fails then it "count" is a negative error
code such as -EOPNOTSUPP. Because "i" is an unsigned int, the negative
error code is type promoted to a very high value and the loop will
corrupt memory until the system crashes.

Fix this by checking for error codes and changing the type of "i" to
just int.

Solution(s)

no-fix-ubuntu-packageubuntu-upgrade-linuxubuntu-upgrade-linux-awsubuntu-upgrade-linux-aws-5-4ubuntu-upgrade-linux-aws-fipsubuntu-upgrade-linux-aws-hweubuntu-upgrade-linux-azureubuntu-upgrade-linux-azure-4-15ubuntu-upgrade-linux-azure-5-4ubuntu-upgrade-linux-azure-fipsubuntu-upgrade-linux-bluefieldubuntu-upgrade-linux-fipsubuntu-upgrade-linux-gcpubuntu-upgrade-linux-gcp-4-15ubuntu-upgrade-linux-gcp-5-4ubuntu-upgrade-linux-gcp-fipsubuntu-upgrade-linux-gkeopubuntu-upgrade-linux-hweubuntu-upgrade-linux-hwe-5-4ubuntu-upgrade-linux-kvmubuntu-upgrade-linux-oracleubuntu-upgrade-linux-oracle-5-4ubuntu-upgrade-linux-raspiubuntu-upgrade-linux-raspi-5-4

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today