CVE-2021-28972

by Fred · 22/03/2021

In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name ‘’ termination, aka CID-cc7a0bb058b8.

Date published : 2021-03-22

https://security.netapp.com/advisory/ntap-20210430-0003/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/

CVE-2021-28972

Similar

Recent Posts

Categories

CVE-2021-28972

Share this:

Similar

Recent Posts

Categories

Tags