SB2024070232 - Buffer overflow in Linux kernel arm kernel
Published: July 2, 2024 Updated: May 13, 2025
Security Bulletin ID
SB2024070232
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2021-47006)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the breakpoint_handler() function in arch/arm/kernel/hw_breakpoint.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/555a70f7fff03bd669123487905c47ae27dbdaac
- https://git.kernel.org/stable/c/ed1f67465327cec4457bb988775245b199da86e6
- https://git.kernel.org/stable/c/a9938d6d78a238d6ab8de57a4d3dcf77adceb9bb
- https://git.kernel.org/stable/c/3ed8832aeaa9a37b0fc386bb72ff604352567c80
- https://git.kernel.org/stable/c/630146203108bf6b8934eec0dfdb3e46dcb917de
- https://git.kernel.org/stable/c/7eeacc6728c5478e3c01bc82a1f08958eaa12366
- https://git.kernel.org/stable/c/dabe299425b1a53a69461fed7ac8922ea6733a25
- https://git.kernel.org/stable/c/a506bd5756290821a4314f502b4bafc2afcf5260
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.233
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.191
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.269
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.38
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.22
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.5
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.120