Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2021-47404 |
CWE-ID | CWE-125 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU90298
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47404
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the betopff_init() function in drivers/hid/hid-betopff.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: All versions
External linkshttp://git.kernel.org/stable/c/a4faa7153b87fbcfe4be15f4278676f79ca6e019
http://git.kernel.org/stable/c/6fc4476dda58f6c00097c7ddec3b772513f57525
http://git.kernel.org/stable/c/1c83c38dec83d57bc18d0c01d82c413d3b34ccb9
http://git.kernel.org/stable/c/bb8b72374db69afa25a5b65cf1c092860c6fe914
http://git.kernel.org/stable/c/fe9bb925e7096509711660d39c0493a1546e9550
http://git.kernel.org/stable/c/dedfc35a2de2bae9fa3da8210a05bfd515f83fee
http://git.kernel.org/stable/c/708107b80aa616976d1c5fa60ac0c1390749db5e
http://git.kernel.org/stable/c/1e4ce418b1cb1a810256b5fb3fd33d22d1325993
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.