FKIE_CVE-2021-47404

Vulnerability from fkie_nvd - Published: 2024-05-21 15:15 - Updated: 2024-12-24 16:05
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: HID: betop: fix slab-out-of-bounds Write in betop_probe Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver. The problem is the driver assumes the device must have an input report but some malicious devices violate this assumption. So this patch checks hid_device's input is non empty before it's been used.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1c83c38dec83d57bc18d0c01d82c413d3b34ccb9Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1e4ce418b1cb1a810256b5fb3fd33d22d1325993Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6fc4476dda58f6c00097c7ddec3b772513f57525Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/708107b80aa616976d1c5fa60ac0c1390749db5ePatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/a4faa7153b87fbcfe4be15f4278676f79ca6e019Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/bb8b72374db69afa25a5b65cf1c092860c6fe914Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/dedfc35a2de2bae9fa3da8210a05bfd515f83feePatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/fe9bb925e7096509711660d39c0493a1546e9550Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/1c83c38dec83d57bc18d0c01d82c413d3b34ccb9Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/1e4ce418b1cb1a810256b5fb3fd33d22d1325993Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/6fc4476dda58f6c00097c7ddec3b772513f57525Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/708107b80aa616976d1c5fa60ac0c1390749db5ePatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/a4faa7153b87fbcfe4be15f4278676f79ca6e019Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/bb8b72374db69afa25a5b65cf1c092860c6fe914Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/dedfc35a2de2bae9fa3da8210a05bfd515f83feePatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/fe9bb925e7096509711660d39c0493a1546e9550Patch
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel 5.15
linux linux_kernel 5.15
linux linux_kernel 5.15
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B91CAABE-0800-43BE-9D5D-D95C8E6C367B",
              "versionEndExcluding": "4.4.286",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "531DC051-E22F-4355-A06F-BE9AF2124AA3",
              "versionEndExcluding": "4.9.285",
              "versionStartIncluding": "4.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFC8239-9F26-43B2-A340-8EFC6BC6BDA8",
              "versionEndExcluding": "4.14.249",
              "versionStartIncluding": "4.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21C23429-F802-4256-B3C2-9EEA76AC11FF",
              "versionEndExcluding": "4.19.209",
              "versionStartIncluding": "4.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFFC8E38-107A-4B6F-9FFD-9B2FD8B89EF0",
              "versionEndExcluding": "5.4.151",
              "versionStartIncluding": "4.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C740E4-6C54-40CD-A914-2232D8FC781D",
              "versionEndExcluding": "5.10.71",
              "versionStartIncluding": "5.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A437B0D-8305-4C72-B691-D26986A126CF",
              "versionEndExcluding": "5.14.10",
              "versionStartIncluding": "5.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: betop: fix slab-out-of-bounds Write in betop_probe\n\nSyzbot reported slab-out-of-bounds Write bug in hid-betopff driver.\nThe problem is the driver assumes the device must have an input report but\nsome malicious devices violate this assumption.\n\nSo this patch checks hid_device\u0027s input is non empty before it\u0027s been used."
    },
    {
      "lang": "es",
      "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: HID: betop: corrige escritura slab-out-of-bounds en betop_probe. Syzbot inform\u00f3 un error de escritura slab-out-of-bounds en el controlador hid-betopff. El problema es que el controlador supone que el dispositivo debe tener un informe de entrada, pero algunos dispositivos maliciosos violan esta suposici\u00f3n. Entonces, este parche verifica que la entrada de hid_device no est\u00e9 vac\u00eda antes de usarse."
    }
  ],
  "id": "CVE-2021-47404",
  "lastModified": "2024-12-24T16:05:42.447",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-05-21T15:15:25.920",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1c83c38dec83d57bc18d0c01d82c413d3b34ccb9"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1e4ce418b1cb1a810256b5fb3fd33d22d1325993"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/6fc4476dda58f6c00097c7ddec3b772513f57525"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/708107b80aa616976d1c5fa60ac0c1390749db5e"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/a4faa7153b87fbcfe4be15f4278676f79ca6e019"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/bb8b72374db69afa25a5b65cf1c092860c6fe914"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/dedfc35a2de2bae9fa3da8210a05bfd515f83fee"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/fe9bb925e7096509711660d39c0493a1546e9550"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1c83c38dec83d57bc18d0c01d82c413d3b34ccb9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1e4ce418b1cb1a810256b5fb3fd33d22d1325993"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/6fc4476dda58f6c00097c7ddec3b772513f57525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/708107b80aa616976d1c5fa60ac0c1390749db5e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/a4faa7153b87fbcfe4be15f4278676f79ca6e019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/bb8b72374db69afa25a5b65cf1c092860c6fe914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/dedfc35a2de2bae9fa3da8210a05bfd515f83fee"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/fe9bb925e7096509711660d39c0493a1546e9550"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.