Out-of-Bounds Affecting kernel-rt-devel package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-CENTOS7-KERNELRTDEVEL-7145788
- published 27 May 2024
- disclosed 24 May 2024
How to fix?
There is no fixed version for Centos:7
kernel-rt-devel
.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-rt-devel
package and not the kernel-rt-devel
package as distributed by Centos
.
See How to fix?
for Centos:7
relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound
In line 5001, if all id in the array 'lp->phy[8]' is not 0, when the 'for' end, the 'k' is 8.
At this time, the array 'lp->phy[8]' may be out of bound.
References
- https://access.redhat.com/security/cve/CVE-2021-47547
- https://git.kernel.org/stable/c/12f907cb11576b8cd0b1d95a16d1f10ed5bb7237
- https://git.kernel.org/stable/c/142ead3dc70411bd5977e8c47a6d8bf22287b3f8
- https://git.kernel.org/stable/c/2c1a6a9a011d622a7c61324a97a49801ba425eff
- https://git.kernel.org/stable/c/61217be886b5f7402843677e4be7e7e83de9cb41
- https://git.kernel.org/stable/c/77ff166909458646e66450e42909e0adacc99049
- https://git.kernel.org/stable/c/d3dedaa5a601107cfedda087209772c76e364d58
- https://git.kernel.org/stable/c/ec5bd0aef1cec96830d0c7e06d3597d9e786cc98
- https://git.kernel.org/stable/c/f059fa40f0fcc6bc7a12e0f2a2504e9a4ff74f1f