Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-47124 (GCVE-0-2021-47124)
Vulnerability from cvelistv5 – Published: 2024-03-15 20:14 – Updated: 2026-05-11 13:48
VLAI?
EPSS
Title
io_uring: fix link timeout refs
Summary
In the Linux kernel, the following vulnerability has been resolved:
io_uring: fix link timeout refs
WARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28
RIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28
Call Trace:
__refcount_sub_and_test include/linux/refcount.h:283 [inline]
__refcount_dec_and_test include/linux/refcount.h:315 [inline]
refcount_dec_and_test include/linux/refcount.h:333 [inline]
io_put_req fs/io_uring.c:2140 [inline]
io_queue_linked_timeout fs/io_uring.c:6300 [inline]
__io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354
io_submit_sqe fs/io_uring.c:6534 [inline]
io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660
__do_sys_io_uring_enter fs/io_uring.c:9240 [inline]
__se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182
io_link_timeout_fn() should put only one reference of the linked timeout
request, however in case of racing with the master request's completion
first io_req_complete() puts one and then io_put_req_deferred() is
called.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
1c20e9040f49687ba2ccc2ffd4411351a6c2ebff , < 0b2a990e5d2f76d020cb840c456e6ec5f0c27530
(git)
Affected: 1c20e9040f49687ba2ccc2ffd4411351a6c2ebff , < 6f5d7a45f58d3abe3a936de1441b8d6318f978ff (git) Affected: 9ae1f8dd372e0e4c020b345cf9e09f519265e981 , < 876808dba2ff7509bdd7f230c4f374a0caf4f410 (git) Affected: 9ae1f8dd372e0e4c020b345cf9e09f519265e981 , < ff4a96ba5c8f9b266706280ff8021d2ef3f17e86 (git) Affected: 9ae1f8dd372e0e4c020b345cf9e09f519265e981 , < a298232ee6b9a1d5d732aa497ff8be0d45b5bd82 (git) Affected: 567c81912cec641db75ac6cb64c63f8367c97d19 (git) |
|
| Linux | Linux |
Affected:
5.12
Unaffected: 0 , < 5.12 (semver) Unaffected: 5.10.43 , ≤ 5.10.* (semver) Unaffected: 5.10.55 , ≤ 5.10.* (semver) Unaffected: 5.12.10 , ≤ 5.12.* (semver) Unaffected: 5.12.19 , ≤ 5.12.* (semver) Unaffected: 5.13 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-18T20:27:15.011125Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:14:33.416Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:24:39.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/io_uring.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0b2a990e5d2f76d020cb840c456e6ec5f0c27530",
"status": "affected",
"version": "1c20e9040f49687ba2ccc2ffd4411351a6c2ebff",
"versionType": "git"
},
{
"lessThan": "6f5d7a45f58d3abe3a936de1441b8d6318f978ff",
"status": "affected",
"version": "1c20e9040f49687ba2ccc2ffd4411351a6c2ebff",
"versionType": "git"
},
{
"lessThan": "876808dba2ff7509bdd7f230c4f374a0caf4f410",
"status": "affected",
"version": "9ae1f8dd372e0e4c020b345cf9e09f519265e981",
"versionType": "git"
},
{
"lessThan": "ff4a96ba5c8f9b266706280ff8021d2ef3f17e86",
"status": "affected",
"version": "9ae1f8dd372e0e4c020b345cf9e09f519265e981",
"versionType": "git"
},
{
"lessThan": "a298232ee6b9a1d5d732aa497ff8be0d45b5bd82",
"status": "affected",
"version": "9ae1f8dd372e0e4c020b345cf9e09f519265e981",
"versionType": "git"
},
{
"status": "affected",
"version": "567c81912cec641db75ac6cb64c63f8367c97d19",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/io_uring.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.12"
},
{
"lessThan": "5.12",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.43",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.55",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.12.*",
"status": "unaffected",
"version": "5.12.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.12.*",
"status": "unaffected",
"version": "5.12.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.13",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.43",
"versionStartIncluding": "5.10.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.55",
"versionStartIncluding": "5.10.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.12.10",
"versionStartIncluding": "5.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.12.19",
"versionStartIncluding": "5.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.13",
"versionStartIncluding": "5.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix link timeout refs\n\nWARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\nRIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\nCall Trace:\n __refcount_sub_and_test include/linux/refcount.h:283 [inline]\n __refcount_dec_and_test include/linux/refcount.h:315 [inline]\n refcount_dec_and_test include/linux/refcount.h:333 [inline]\n io_put_req fs/io_uring.c:2140 [inline]\n io_queue_linked_timeout fs/io_uring.c:6300 [inline]\n __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354\n io_submit_sqe fs/io_uring.c:6534 [inline]\n io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660\n __do_sys_io_uring_enter fs/io_uring.c:9240 [inline]\n __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182\n\nio_link_timeout_fn() should put only one reference of the linked timeout\nrequest, however in case of racing with the master request\u0027s completion\nfirst io_req_complete() puts one and then io_put_req_deferred() is\ncalled."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T13:48:30.771Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530"
},
{
"url": "https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff"
},
{
"url": "https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410"
},
{
"url": "https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86"
},
{
"url": "https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82"
}
],
"title": "io_uring: fix link timeout refs",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47124",
"datePublished": "2024-03-15T20:14:29.605Z",
"dateReserved": "2024-03-04T18:12:48.839Z",
"dateUpdated": "2026-05-11T13:48:30.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-47124",
"date": "2026-05-19",
"epss": "0.00019",
"percentile": "0.05121"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nio_uring: fix link timeout refs\\n\\nWARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\\nRIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\\nCall Trace:\\n __refcount_sub_and_test include/linux/refcount.h:283 [inline]\\n __refcount_dec_and_test include/linux/refcount.h:315 [inline]\\n refcount_dec_and_test include/linux/refcount.h:333 [inline]\\n io_put_req fs/io_uring.c:2140 [inline]\\n io_queue_linked_timeout fs/io_uring.c:6300 [inline]\\n __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354\\n io_submit_sqe fs/io_uring.c:6534 [inline]\\n io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660\\n __do_sys_io_uring_enter fs/io_uring.c:9240 [inline]\\n __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182\\n\\nio_link_timeout_fn() should put only one reference of the linked timeout\\nrequest, however in case of racing with the master request\u0027s completion\\nfirst io_req_complete() puts one and then io_put_req_deferred() is\\ncalled.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: io_uring: corrige las referencias de tiempo de espera del enlace ADVERTENCIA: CPU: 0 PID: 10242 en lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28 RIP: 0010: refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28 Seguimiento de llamadas: __refcount_sub_and_test include/linux/refcount.h:283 [en l\\u00ednea] __refcount_dec_and_test include/linux/refcount.h:315 [en l\\u00ednea] refcount_dec_and_test include/linux/refcount.h: 333 [en l\\u00ednea] io_put_req fs/io_uring.c:2140 [en l\\u00ednea] io_queue_linked_timeout fs/io_uring.c:6300 [en l\\u00ednea] __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354 io_submit_sqe fs/io_uring.c:6534 [en l\\u00ednea] io_submit _sqes +0x2bbd/0x7c50 fs/io_uring.c:6660 __do_sys_io_uring_enter fs/io_uring.c:9240 [en l\\u00ednea] __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182 io_link_timeout_fn() debe poner solo una referencia de la solicitud de tiempo de espera vinculada, sin embargo en En el caso de competir con la finalizaci\\u00f3n de la solicitud maestra, primero io_req_complete() coloca uno y luego se llama a io_put_req_deferred().\"}]",
"id": "CVE-2021-47124",
"lastModified": "2024-11-21T06:35:26.677",
"published": "2024-03-15T21:15:07.260",
"references": "[{\"url\": \"https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-47124\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-03-15T21:15:07.260\",\"lastModified\":\"2025-03-13T19:35:51.843\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nio_uring: fix link timeout refs\\n\\nWARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\\nRIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\\nCall Trace:\\n __refcount_sub_and_test include/linux/refcount.h:283 [inline]\\n __refcount_dec_and_test include/linux/refcount.h:315 [inline]\\n refcount_dec_and_test include/linux/refcount.h:333 [inline]\\n io_put_req fs/io_uring.c:2140 [inline]\\n io_queue_linked_timeout fs/io_uring.c:6300 [inline]\\n __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354\\n io_submit_sqe fs/io_uring.c:6534 [inline]\\n io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660\\n __do_sys_io_uring_enter fs/io_uring.c:9240 [inline]\\n __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182\\n\\nio_link_timeout_fn() should put only one reference of the linked timeout\\nrequest, however in case of racing with the master request\u0027s completion\\nfirst io_req_complete() puts one and then io_put_req_deferred() is\\ncalled.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: io_uring: corrige las referencias de tiempo de espera del enlace ADVERTENCIA: CPU: 0 PID: 10242 en lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28 RIP: 0010: refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28 Seguimiento de llamadas: __refcount_sub_and_test include/linux/refcount.h:283 [en l\u00ednea] __refcount_dec_and_test include/linux/refcount.h:315 [en l\u00ednea] refcount_dec_and_test include/linux/refcount.h: 333 [en l\u00ednea] io_put_req fs/io_uring.c:2140 [en l\u00ednea] io_queue_linked_timeout fs/io_uring.c:6300 [en l\u00ednea] __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354 io_submit_sqe fs/io_uring.c:6534 [en l\u00ednea] io_submit _sqes +0x2bbd/0x7c50 fs/io_uring.c:6660 __do_sys_io_uring_enter fs/io_uring.c:9240 [en l\u00ednea] __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182 io_link_timeout_fn() debe poner solo una referencia de la solicitud de tiempo de espera vinculada, sin embargo en En el caso de competir con la finalizaci\u00f3n de la solicitud maestra, primero io_req_complete() coloca uno y luego se llama a io_put_req_deferred().\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.10.26\",\"versionEndExcluding\":\"5.10.43\",\"matchCriteriaId\":\"7AA99340-AE0B-4861-BD12-24D20E28B7BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.10.44\",\"versionEndExcluding\":\"5.10.55\",\"matchCriteriaId\":\"6AF30DF1-E331-4DAC-B612-0FDA18281A08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.12\",\"versionEndExcluding\":\"5.12.10\",\"matchCriteriaId\":\"C68A4290-9FFF-4037-9467-4FF878E3085F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.12.11\",\"versionEndExcluding\":\"5.12.19\",\"matchCriteriaId\":\"FFAD6692-628C-40D7-A83C-01022B6D6DBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T05:24:39.807Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-47124\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-18T20:27:15.011125Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:18.581Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"io_uring: fix link timeout refs\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"1c20e9040f49687ba2ccc2ffd4411351a6c2ebff\", \"lessThan\": \"0b2a990e5d2f76d020cb840c456e6ec5f0c27530\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"1c20e9040f49687ba2ccc2ffd4411351a6c2ebff\", \"lessThan\": \"6f5d7a45f58d3abe3a936de1441b8d6318f978ff\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9ae1f8dd372e0e4c020b345cf9e09f519265e981\", \"lessThan\": \"876808dba2ff7509bdd7f230c4f374a0caf4f410\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9ae1f8dd372e0e4c020b345cf9e09f519265e981\", \"lessThan\": \"ff4a96ba5c8f9b266706280ff8021d2ef3f17e86\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9ae1f8dd372e0e4c020b345cf9e09f519265e981\", \"lessThan\": \"a298232ee6b9a1d5d732aa497ff8be0d45b5bd82\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"567c81912cec641db75ac6cb64c63f8367c97d19\", \"versionType\": \"git\"}], \"programFiles\": [\"fs/io_uring.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.12\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"5.12\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.10.43\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.55\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.12.10\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.12.*\"}, {\"status\": \"unaffected\", \"version\": \"5.12.19\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.12.*\"}, {\"status\": \"unaffected\", \"version\": \"5.13\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"fs/io_uring.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530\"}, {\"url\": \"https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff\"}, {\"url\": \"https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410\"}, {\"url\": \"https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86\"}, {\"url\": \"https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nio_uring: fix link timeout refs\\n\\nWARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\\nRIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\\nCall Trace:\\n __refcount_sub_and_test include/linux/refcount.h:283 [inline]\\n __refcount_dec_and_test include/linux/refcount.h:315 [inline]\\n refcount_dec_and_test include/linux/refcount.h:333 [inline]\\n io_put_req fs/io_uring.c:2140 [inline]\\n io_queue_linked_timeout fs/io_uring.c:6300 [inline]\\n __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354\\n io_submit_sqe fs/io_uring.c:6534 [inline]\\n io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660\\n __do_sys_io_uring_enter fs/io_uring.c:9240 [inline]\\n __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182\\n\\nio_link_timeout_fn() should put only one reference of the linked timeout\\nrequest, however in case of racing with the master request\u0027s completion\\nfirst io_req_complete() puts one and then io_put_req_deferred() is\\ncalled.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.43\", \"versionStartIncluding\": \"5.10.26\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.55\", \"versionStartIncluding\": \"5.10.26\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.12.10\", \"versionStartIncluding\": \"5.12\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.12.19\", \"versionStartIncluding\": \"5.12\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.13\", \"versionStartIncluding\": \"5.12\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"5.11.6\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T12:41:06.098Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2021-47124\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T12:41:06.098Z\", \"dateReserved\": \"2024-03-04T18:12:48.839Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-03-15T20:14:29.605Z\", \"assignerShortName\": \"Linux\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
BDU:2025-13696
Vulnerability from fstec - Published: 08.05.2021
VLAI Severity ?
Title
Уязвимость функции io_link_timeout_fn() модуля fs/io_uring.c поддержки файловой системы ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации.
Description
Уязвимость функции io_link_timeout_fn() модуля fs/io_uring.c поддержки файловой системы ядра операционной системы Linux связана с неправильной проверкой вводимых данных. Эксплуатация уязвимости может позволить нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации.
Severity ?
Vendor
Сообщество свободного программного обеспечения
Software Name
Linux
Software Version
от 5.10.26 до 5.10.54 включительно (Linux), от 5.11.6 до 5.12.18 включительно (Linux)
Possible Mitigations
В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года.
Использование рекомендаций:
Для Linux:
https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530
https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff
https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410
https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86
https://lore.kernel.org/linux-cve-announce/2024031511-CVE-2021-47124-42c9@gregkh/
https://git.kernel.org/linus/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82
https://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1&id=0b2a990e5d2f76d020cb840c456e6ec5f0c27530
https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.55
https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.19
Reference
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47124
https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530
https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff
https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410
https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86
https://lore.kernel.org/linux-cve-announce/2024031511-CVE-2021-47124-42c9@gregkh/
https://git.kernel.org/linus/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82
https://www.cve.org/CVERecord?id=CVE-2021-47124
https://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1&id=0b2a990e5d2f76d020cb840c456e6ec5f0c27530
https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.55
https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.19
CWE
CWE-20
{
"CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 5.10.26 \u0434\u043e 5.10.54 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.11.6 \u0434\u043e 5.12.18 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\n\u0414\u043b\u044f Linux:\nhttps://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530\nhttps://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff\nhttps://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410\nhttps://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86\nhttps://lore.kernel.org/linux-cve-announce/2024031511-CVE-2021-47124-42c9@gregkh/\nhttps://git.kernel.org/linus/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82\nhttps://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1\u0026id=0b2a990e5d2f76d020cb840c456e6ec5f0c27530\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.55\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.19",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "08.05.2021",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "05.11.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "05.11.2025",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-13696",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-47124",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Linux",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.10.26 \u0434\u043e 5.10.54 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.11.6 \u0434\u043e 5.12.18 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 io_link_timeout_fn() \u043c\u043e\u0434\u0443\u043b\u044f fs/io_uring.c \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 io_link_timeout_fn() \u043c\u043e\u0434\u0443\u043b\u044f fs/io_uring.c \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47124\nhttps://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530\nhttps://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff\nhttps://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410\nhttps://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86\nhttps://lore.kernel.org/linux-cve-announce/2024031511-CVE-2021-47124-42c9@gregkh/\nhttps://git.kernel.org/linus/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82\nhttps://www.cve.org/CVERecord?id=CVE-2021-47124\nhttps://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1\u0026id=0b2a990e5d2f76d020cb840c456e6ec5f0c27530\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.55\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.19",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}
FKIE_CVE-2021-47124
Vulnerability from fkie_nvd - Published: 2024-03-15 21:15 - Updated: 2025-03-13 19:35
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
io_uring: fix link timeout refs
WARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28
RIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28
Call Trace:
__refcount_sub_and_test include/linux/refcount.h:283 [inline]
__refcount_dec_and_test include/linux/refcount.h:315 [inline]
refcount_dec_and_test include/linux/refcount.h:333 [inline]
io_put_req fs/io_uring.c:2140 [inline]
io_queue_linked_timeout fs/io_uring.c:6300 [inline]
__io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354
io_submit_sqe fs/io_uring.c:6534 [inline]
io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660
__do_sys_io_uring_enter fs/io_uring.c:9240 [inline]
__se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182
io_link_timeout_fn() should put only one reference of the linked timeout
request, however in case of racing with the master request's completion
first io_req_complete() puts one and then io_put_req_deferred() is
called.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | 5.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA99340-AE0B-4861-BD12-24D20E28B7BD",
"versionEndExcluding": "5.10.43",
"versionStartIncluding": "5.10.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF30DF1-E331-4DAC-B612-0FDA18281A08",
"versionEndExcluding": "5.10.55",
"versionStartIncluding": "5.10.44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C68A4290-9FFF-4037-9467-4FF878E3085F",
"versionEndExcluding": "5.12.10",
"versionStartIncluding": "5.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFAD6692-628C-40D7-A83C-01022B6D6DBA",
"versionEndExcluding": "5.12.19",
"versionStartIncluding": "5.12.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix link timeout refs\n\nWARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\nRIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\nCall Trace:\n __refcount_sub_and_test include/linux/refcount.h:283 [inline]\n __refcount_dec_and_test include/linux/refcount.h:315 [inline]\n refcount_dec_and_test include/linux/refcount.h:333 [inline]\n io_put_req fs/io_uring.c:2140 [inline]\n io_queue_linked_timeout fs/io_uring.c:6300 [inline]\n __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354\n io_submit_sqe fs/io_uring.c:6534 [inline]\n io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660\n __do_sys_io_uring_enter fs/io_uring.c:9240 [inline]\n __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182\n\nio_link_timeout_fn() should put only one reference of the linked timeout\nrequest, however in case of racing with the master request\u0027s completion\nfirst io_req_complete() puts one and then io_put_req_deferred() is\ncalled."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: io_uring: corrige las referencias de tiempo de espera del enlace ADVERTENCIA: CPU: 0 PID: 10242 en lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28 RIP: 0010: refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28 Seguimiento de llamadas: __refcount_sub_and_test include/linux/refcount.h:283 [en l\u00ednea] __refcount_dec_and_test include/linux/refcount.h:315 [en l\u00ednea] refcount_dec_and_test include/linux/refcount.h: 333 [en l\u00ednea] io_put_req fs/io_uring.c:2140 [en l\u00ednea] io_queue_linked_timeout fs/io_uring.c:6300 [en l\u00ednea] __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354 io_submit_sqe fs/io_uring.c:6534 [en l\u00ednea] io_submit _sqes +0x2bbd/0x7c50 fs/io_uring.c:6660 __do_sys_io_uring_enter fs/io_uring.c:9240 [en l\u00ednea] __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182 io_link_timeout_fn() debe poner solo una referencia de la solicitud de tiempo de espera vinculada, sin embargo en En el caso de competir con la finalizaci\u00f3n de la solicitud maestra, primero io_req_complete() coloca uno y luego se llama a io_put_req_deferred()."
}
],
"id": "CVE-2021-47124",
"lastModified": "2025-03-13T19:35:51.843",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-15T21:15:07.260",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-9R82-F7G4-QF37
Vulnerability from github – Published: 2024-03-15 21:30 – Updated: 2025-03-13 21:31
VLAI?
Details
In the Linux kernel, the following vulnerability has been resolved:
io_uring: fix link timeout refs
WARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28 RIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28 Call Trace: __refcount_sub_and_test include/linux/refcount.h:283 [inline] __refcount_dec_and_test include/linux/refcount.h:315 [inline] refcount_dec_and_test include/linux/refcount.h:333 [inline] io_put_req fs/io_uring.c:2140 [inline] io_queue_linked_timeout fs/io_uring.c:6300 [inline] __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354 io_submit_sqe fs/io_uring.c:6534 [inline] io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660 __do_sys_io_uring_enter fs/io_uring.c:9240 [inline] __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182
io_link_timeout_fn() should put only one reference of the linked timeout request, however in case of racing with the master request's completion first io_req_complete() puts one and then io_put_req_deferred() is called.
Severity ?
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2021-47124"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-15T21:15:07Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix link timeout refs\n\nWARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\nRIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\nCall Trace:\n __refcount_sub_and_test include/linux/refcount.h:283 [inline]\n __refcount_dec_and_test include/linux/refcount.h:315 [inline]\n refcount_dec_and_test include/linux/refcount.h:333 [inline]\n io_put_req fs/io_uring.c:2140 [inline]\n io_queue_linked_timeout fs/io_uring.c:6300 [inline]\n __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354\n io_submit_sqe fs/io_uring.c:6534 [inline]\n io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660\n __do_sys_io_uring_enter fs/io_uring.c:9240 [inline]\n __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182\n\nio_link_timeout_fn() should put only one reference of the linked timeout\nrequest, however in case of racing with the master request\u0027s completion\nfirst io_req_complete() puts one and then io_put_req_deferred() is\ncalled.",
"id": "GHSA-9r82-f7g4-qf37",
"modified": "2025-03-13T21:31:00Z",
"published": "2024-03-15T21:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47124"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2021-47124
Vulnerability from gsd - Updated: 2024-03-05 06:03Details
In the Linux kernel, the following vulnerability has been resolved:
io_uring: fix link timeout refs
WARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28
RIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28
Call Trace:
__refcount_sub_and_test include/linux/refcount.h:283 [inline]
__refcount_dec_and_test include/linux/refcount.h:315 [inline]
refcount_dec_and_test include/linux/refcount.h:333 [inline]
io_put_req fs/io_uring.c:2140 [inline]
io_queue_linked_timeout fs/io_uring.c:6300 [inline]
__io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354
io_submit_sqe fs/io_uring.c:6534 [inline]
io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660
__do_sys_io_uring_enter fs/io_uring.c:9240 [inline]
__se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182
io_link_timeout_fn() should put only one reference of the linked timeout
request, however in case of racing with the master request's completion
first io_req_complete() puts one and then io_put_req_deferred() is
called.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-47124"
],
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix link timeout refs\n\nWARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\nRIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\nCall Trace:\n __refcount_sub_and_test include/linux/refcount.h:283 [inline]\n __refcount_dec_and_test include/linux/refcount.h:315 [inline]\n refcount_dec_and_test include/linux/refcount.h:333 [inline]\n io_put_req fs/io_uring.c:2140 [inline]\n io_queue_linked_timeout fs/io_uring.c:6300 [inline]\n __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354\n io_submit_sqe fs/io_uring.c:6534 [inline]\n io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660\n __do_sys_io_uring_enter fs/io_uring.c:9240 [inline]\n __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182\n\nio_link_timeout_fn() should put only one reference of the linked timeout\nrequest, however in case of racing with the master request\u0027s completion\nfirst io_req_complete() puts one and then io_put_req_deferred() is\ncalled.",
"id": "GSD-2021-47124",
"modified": "2024-03-05T06:03:55.181267Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@kernel.org",
"ID": "CVE-2021-47124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1c20e9040f49",
"version_value": "0b2a990e5d2f"
},
{
"version_affected": "\u003c",
"version_name": "9ae1f8dd372e",
"version_value": "876808dba2ff"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"status": "affected",
"version": "5.12"
},
{
"lessThan": "5.12",
"status": "unaffected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.43",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.55",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.12.*",
"status": "unaffected",
"version": "5.12.10",
"versionType": "custom"
},
{
"lessThanOrEqual": "5.12.*",
"status": "unaffected",
"version": "5.12.19",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.13",
"versionType": "original_commit_for_fix"
}
]
}
}
]
}
}
]
},
"vendor_name": "Linux"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix link timeout refs\n\nWARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\nRIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\nCall Trace:\n __refcount_sub_and_test include/linux/refcount.h:283 [inline]\n __refcount_dec_and_test include/linux/refcount.h:315 [inline]\n refcount_dec_and_test include/linux/refcount.h:333 [inline]\n io_put_req fs/io_uring.c:2140 [inline]\n io_queue_linked_timeout fs/io_uring.c:6300 [inline]\n __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354\n io_submit_sqe fs/io_uring.c:6534 [inline]\n io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660\n __do_sys_io_uring_enter fs/io_uring.c:9240 [inline]\n __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182\n\nio_link_timeout_fn() should put only one reference of the linked timeout\nrequest, however in case of racing with the master request\u0027s completion\nfirst io_req_complete() puts one and then io_put_req_deferred() is\ncalled."
}
]
},
"generator": {
"engine": "bippy-851b3ed3d212"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530"
},
{
"name": "https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff"
},
{
"name": "https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410"
},
{
"name": "https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86"
},
{
"name": "https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82",
"refsource": "MISC",
"url": "https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix link timeout refs\n\nWARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\nRIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\nCall Trace:\n __refcount_sub_and_test include/linux/refcount.h:283 [inline]\n __refcount_dec_and_test include/linux/refcount.h:315 [inline]\n refcount_dec_and_test include/linux/refcount.h:333 [inline]\n io_put_req fs/io_uring.c:2140 [inline]\n io_queue_linked_timeout fs/io_uring.c:6300 [inline]\n __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354\n io_submit_sqe fs/io_uring.c:6534 [inline]\n io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660\n __do_sys_io_uring_enter fs/io_uring.c:9240 [inline]\n __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182\n\nio_link_timeout_fn() should put only one reference of the linked timeout\nrequest, however in case of racing with the master request\u0027s completion\nfirst io_req_complete() puts one and then io_put_req_deferred() is\ncalled."
}
],
"id": "CVE-2021-47124",
"lastModified": "2024-03-17T22:38:29.433",
"metrics": {},
"published": "2024-03-15T21:15:07.260",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
}
}
}
WID-SEC-W-2024-0652
Vulnerability from csaf_certbund - Published: 2024-03-17 23:00 - Updated: 2025-05-27 22:00Summary
Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen oder einen nicht spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EMC Avamar
EMC
|
cpe:/a:emc:avamar:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Dell NetWorker
Dell / NetWorker
|
cpe:/a:dell:networker:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source Linux Kernel <5.13
Open Source / Linux Kernel
|
<5.13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Dell NetWorker <19.11
Dell / NetWorker
|
<19.11 |
References
75 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0652 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0652.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0652 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0652"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031506-CVE-2021-47110-2cb8@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031507-CVE-2021-47112-339c@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031507-CVE-2021-47113-bf29@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031507-CVE-2021-47114-6af8@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031508-CVE-2021-47115-9715@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031508-CVE-2021-47116-8383@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031508-CVE-2021-47117-5ea7@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031509-CVE-2021-47118-faf2@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031509-CVE-2021-47119-22d3@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031510-CVE-2021-47120-c3db@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031510-CVE-2021-47121-13c1@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031510-CVE-2021-47122-b183@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031511-CVE-2021-47123-8318@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031511-CVE-2021-47124-42c9@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031511-CVE-2021-47125-9c33@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031512-CVE-2021-47126-f717@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031512-CVE-2021-47127-d0d6@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031512-CVE-2021-47128-bef7@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031513-CVE-2021-47129-7ba5@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031513-CVE-2021-47130-9f71@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031513-CVE-2021-47131-eafc@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031514-CVE-2021-47132-80b2@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031514-CVE-2021-47133-1141@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031515-CVE-2021-47134-3348@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031515-CVE-2021-47135-2c50@gregkh/"
},
{
"category": "external",
"summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
"url": "http://lore.kernel.org/linux-cve-announce/2024031558-CVE-2021-47109-5bde@gregkh/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1454-1 vom 2024-04-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018431.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1648-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018524.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1645-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018527.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1642-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018530.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1646-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018526.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1643-1 vom 2024-05-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018529.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1650-1 vom 2024-05-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018533.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1648-2 vom 2024-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018572.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1870-1 vom 2024-05-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018634.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3618 vom 2024-06-05",
"url": "https://access.redhat.com/errata/RHSA-2024:3618"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3627 vom 2024-06-05",
"url": "https://access.redhat.com/errata/RHSA-2024:3627"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-3618 vom 2024-06-06",
"url": "https://linux.oracle.com/errata/ELSA-2024-3618.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1983-1 vom 2024-06-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018700.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-1942 vom 2024-06-24",
"url": "https://alas.aws.amazon.com/ALAS-2024-1942.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2581 vom 2024-06-25",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2581.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2184-1 vom 2024-06-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018807.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-022 vom 2024-07-03",
"url": "https://www.dell.com/support/kbdoc/de-de/000226633/dsa-2024-022-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-1943 vom 2024-07-09",
"url": "https://alas.aws.amazon.com/ALAS-2024-1943.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2589 vom 2024-07-11",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2589.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6924-1 vom 2024-07-29",
"url": "https://ubuntu.com/security/notices/USN-6924-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6924-2 vom 2024-07-30",
"url": "https://ubuntu.com/security/notices/USN-6924-2"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7162077 vom 2024-07-31",
"url": "https://www.ibm.com/support/pages/node/7162077"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-348 vom 2024-08-06",
"url": "https://www.dell.com/support/kbdoc/de-de/000227573/dsa-2024-348-security-update-for-dell-avamar-dell-networker-virtual-edition-nve-and-dell-powerprotect-dp-series-appliance-dell-integrated-data-protection-appliance-idpa-security-update-for-multiple-vulnerabilities"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6953-1 vom 2024-08-09",
"url": "https://ubuntu.com/security/notices/USN-6953-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2893-1 vom 2024-08-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019187.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2923-1 vom 2024-08-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019201.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2948-1 vom 2024-08-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019219.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1489-1 vom 2024-08-19",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/D5LYDXV5ACGHUYO5XWLWD5VAOA5HLJ7U/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1465-1 vom 2024-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019273.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6979-1 vom 2024-08-22",
"url": "https://ubuntu.com/security/notices/USN-6979-1"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12606 vom 2024-09-03",
"url": "https://linux.oracle.com/errata/ELSA-2024-12606.html"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2024-0011 vom 2024-09-04",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2024-September/001099.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7183-1 vom 2025-01-06",
"url": "https://ubuntu.com/security/notices/USN-7183-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7184-1 vom 2025-01-06",
"url": "https://ubuntu.com/security/notices/USN-7184-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7415-1 vom 2025-04-04",
"url": "https://ubuntu.com/security/notices/USN-7415-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7429-1 vom 2025-04-09",
"url": "https://ubuntu.com/security/notices/USN-7429-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7428-2 vom 2025-04-09",
"url": "https://ubuntu.com/security/notices/USN-7428-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7429-2 vom 2025-04-09",
"url": "https://ubuntu.com/security/notices/USN-7429-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7428-1 vom 2025-04-09",
"url": "https://ubuntu.com/security/notices/USN-7428-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7461-2 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7461-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7461-1 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7461-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7462-2 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7462-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7462-1 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7462-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7463-1 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7463-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7461-3 vom 2025-05-02",
"url": "https://ubuntu.com/security/notices/USN-7461-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7540-1 vom 2025-05-28",
"url": "https://ubuntu.com/security/notices/USN-7540-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7539-1 vom 2025-05-28",
"url": "https://ubuntu.com/security/notices/USN-7539-1"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
"tracking": {
"current_release_date": "2025-05-27T22:00:00.000+00:00",
"generator": {
"date": "2025-05-28T09:50:34.001+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2024-0652",
"initial_release_date": "2024-03-17T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-03-17T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-04-28T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-14T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-21T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-30T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-04T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-06-06T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-06-11T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-24T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Amazon und SUSE aufgenommen"
},
{
"date": "2024-07-02T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-07-08T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-07-11T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-07-29T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-30T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-31T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-08-05T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-08-08T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-08-13T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-08-14T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-08-18T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-08-19T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-08-22T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-09-02T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-09-04T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2025-01-06T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-03T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-09T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-24T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-01T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-27T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Ubuntu aufgenommen"
}
],
"status": "final",
"version": "30"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell NetWorker",
"product": {
"name": "Dell NetWorker",
"product_id": "T024663",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c19.11",
"product": {
"name": "Dell NetWorker \u003c19.11",
"product_id": "T035785"
}
},
{
"category": "product_version",
"name": "19.11",
"product": {
"name": "Dell NetWorker 19.11",
"product_id": "T035785-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.11"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "EMC Avamar",
"product": {
"name": "EMC Avamar",
"product_id": "T014381",
"product_identification_helper": {
"cpe": "cpe:/a:emc:avamar:-"
}
}
}
],
"category": "vendor",
"name": "EMC"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.13",
"product": {
"name": "Open Source Linux Kernel \u003c5.13",
"product_id": "T033519"
}
},
{
"category": "product_version",
"name": "5.13",
"product": {
"name": "Open Source Linux Kernel 5.13",
"product_id": "T033519-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.13"
}
}
}
],
"category": "product_name",
"name": "Linux Kernel"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47109",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47109"
},
{
"cve": "CVE-2021-47110",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47110"
},
{
"cve": "CVE-2021-47112",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47112"
},
{
"cve": "CVE-2021-47113",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47113"
},
{
"cve": "CVE-2021-47114",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47114"
},
{
"cve": "CVE-2021-47115",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47115"
},
{
"cve": "CVE-2021-47116",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47116"
},
{
"cve": "CVE-2021-47117",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47117"
},
{
"cve": "CVE-2021-47118",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47118"
},
{
"cve": "CVE-2021-47119",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47119"
},
{
"cve": "CVE-2021-47120",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47120"
},
{
"cve": "CVE-2021-47121",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47121"
},
{
"cve": "CVE-2021-47122",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47122"
},
{
"cve": "CVE-2021-47123",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47123"
},
{
"cve": "CVE-2021-47124",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47124"
},
{
"cve": "CVE-2021-47125",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47125"
},
{
"cve": "CVE-2021-47126",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47126"
},
{
"cve": "CVE-2021-47127",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47127"
},
{
"cve": "CVE-2021-47128",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47128"
},
{
"cve": "CVE-2021-47129",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47129"
},
{
"cve": "CVE-2021-47130",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47130"
},
{
"cve": "CVE-2021-47131",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47131"
},
{
"cve": "CVE-2021-47132",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47132"
},
{
"cve": "CVE-2021-47133",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47133"
},
{
"cve": "CVE-2021-47134",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47134"
},
{
"cve": "CVE-2021-47135",
"product_status": {
"known_affected": [
"T014381",
"T002207",
"67646",
"T000126",
"T024663",
"398363",
"T033519",
"T004914",
"T035785"
]
},
"release_date": "2024-03-17T23:00:00.000+00:00",
"title": "CVE-2021-47135"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…