Resource Injection Affecting kernel-rt-trace-devel package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-CENTOS7-KERNELRTTRACEDEVEL-6498468
- published 26 Mar 2024
- disclosed 25 Mar 2024
Introduced: 25 Mar 2024
CVE-2021-47166 Open this link in a new tabHow to fix?
There is no fixed version for Centos:7 kernel-rt-trace-devel.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-rt-trace-devel package and not the kernel-rt-trace-devel package as distributed by Centos.
See How to fix? for Centos:7 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()
The value of mirror->pg_bytes_written should only be updated after a successful attempt to flush out the requests on the list.
References
- https://access.redhat.com/security/cve/CVE-2021-47166
- https://git.kernel.org/stable/c/0d0ea309357dea0d85a82815f02157eb7fcda39f
- https://git.kernel.org/stable/c/2fe1cac336b55a1f79e603e9ce3552c3623e90eb
- https://git.kernel.org/stable/c/40f139a6d50c232c0d1fd1c5e65a845c62db0ede
- https://git.kernel.org/stable/c/7087db95c0a06ab201b8ebfac6a7ec1e34257997
- https://git.kernel.org/stable/c/785917316b25685c9b3a2a88f933139f2de75e33
- https://git.kernel.org/stable/c/b291baae24f876acd5a5dd57d0bb2bbac8a68b0c
- https://git.kernel.org/stable/c/c757c1f1e65d89429db1409429436cf40d47c008
- https://git.kernel.org/stable/c/e8b8418ce14ae66ee55179901edd12191ab06a9e