mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-29 05:56:17 +00:00
72 lines
2.8 KiB
JSON
72 lines
2.8 KiB
JSON
{
|
|
"id": "CVE-2021-47348",
|
|
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
|
|
"published": "2024-05-21T15:15:21.350",
|
|
"lastModified": "2024-07-03T01:37:42.580",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid HDCP over-read and corruption\n\nInstead of reading the desired 5 bytes of the actual target field,\nthe code was reading 8. This could result in a corrupted value if the\ntrailing 3 bytes were non-zero, so instead use an appropriately sized\nand zero-initialized bounce buffer, and read only 5 bytes before casting\nto u64."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/amd/display: evita la sobrelectura y la corrupci\u00f3n de HDCP. En lugar de leer los 5 bytes deseados del campo de destino real, el c\u00f3digo le\u00eda 8. Esto podr\u00eda resultar en un archivo da\u00f1ado. valor si los 3 bytes finales fueran distintos de cero, por lo tanto, utilice un b\u00fafer de rebote de tama\u00f1o adecuado e inicializado en cero, y lea solo 5 bytes antes de convertir a u64."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 9.1,
|
|
"baseSeverity": "CRITICAL"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 5.2
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/06888d571b513cbfc0b41949948def6cb81021b2",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/3b2b93a485fb7a970bc8b5daef16f4cf579d172f",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/44c7c901cb368a9f2493748f213b247b5872639f",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/c5b518f4b98dbb2bc31b6a55e6aaa1e0e2948f2e",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
}
|
|
]
|
|
} |