{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-46993", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-27T18:42:55.949Z", "datePublished": "2024-02-28T08:13:18.494Z", "dateUpdated": "2024-11-04T11:57:19.325Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T11:57:19.325Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: Fix out-of-bound access in uclamp\n\nUtil-clamp places tasks in different buckets based on their clamp values\nfor performance reasons. However, the size of buckets is currently\ncomputed using a rounding division, which can lead to an off-by-one\nerror in some configurations.\n\nFor instance, with 20 buckets, the bucket size will be 1024/20=51. A\ntask with a clamp of 1024 will be mapped to bucket id 1024/51=20. Sadly,\ncorrect indexes are in range [0,19], hence leading to an out of bound\nmemory access.\n\nClamp the bucket id to fix the issue."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/sched/core.c"], "versions": [{"version": "69842cba9ace", "lessThan": "687f523c134b", "status": "affected", "versionType": "git"}, {"version": "69842cba9ace", "lessThan": "f7347c85490b", "status": "affected", "versionType": "git"}, {"version": "69842cba9ace", "lessThan": "3da3f804b82a", "status": "affected", "versionType": "git"}, {"version": "69842cba9ace", "lessThan": "42ee47c7e356", "status": "affected", "versionType": "git"}, {"version": "69842cba9ace", "lessThan": "6d2f8909a5fa", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/sched/core.c"], "versions": [{"version": "5.3", "status": "affected"}, {"version": "0", "lessThan": "5.3", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.120", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.38", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.11.22", "lessThanOrEqual": "5.11.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.12.5", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/687f523c134b7f0bd040ee1230f6d17990d54172"}, {"url": "https://git.kernel.org/stable/c/f7347c85490b92dd144fa1fba9e1eca501656ab3"}, {"url": "https://git.kernel.org/stable/c/3da3f804b82a0a382d523a21acf4cf3bb35f936d"}, {"url": "https://git.kernel.org/stable/c/42ee47c7e3569d9a0e2cb5053c496d97d380472f"}, {"url": "https://git.kernel.org/stable/c/6d2f8909a5fabb73fe2a63918117943986c39b6c"}], "title": "sched: Fix out-of-bound access in uclamp", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:37.912Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/687f523c134b7f0bd040ee1230f6d17990d54172", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f7347c85490b92dd144fa1fba9e1eca501656ab3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3da3f804b82a0a382d523a21acf4cf3bb35f936d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/42ee47c7e3569d9a0e2cb5053c496d97d380472f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6d2f8909a5fabb73fe2a63918117943986c39b6c", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-46993", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:01:01.662746Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:38.812Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/687f523c134b7f0bd040ee1230f6d17990d54172", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f7347c85490b92dd144fa1fba9e1eca501656ab3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3da3f804b82a0a382d523a21acf4cf3bb35f936d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/42ee47c7e3569d9a0e2cb5053c496d97d380472f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6d2f8909a5fabb73fe2a63918117943986c39b6c", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:37.912Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-46993", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:01:01.662746Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:17.847Z"}}], "cna": {"title": "sched: Fix out-of-bound access in uclamp", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "69842cba9ace", "lessThan": "687f523c134b", "versionType": "git"}, {"status": "affected", "version": "69842cba9ace", "lessThan": "f7347c85490b", "versionType": "git"}, {"status": "affected", "version": "69842cba9ace", "lessThan": "3da3f804b82a", "versionType": "git"}, {"status": "affected", "version": "69842cba9ace", "lessThan": "42ee47c7e356", "versionType": "git"}, {"status": "affected", "version": "69842cba9ace", "lessThan": "6d2f8909a5fa", "versionType": "git"}], "programFiles": ["kernel/sched/core.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.3"}, {"status": "unaffected", "version": "0", "lessThan": "5.3", "versionType": "semver"}, {"status": "unaffected", "version": "5.4.120", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.38", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.11.22", "versionType": "semver", "lessThanOrEqual": "5.11.*"}, {"status": "unaffected", "version": "5.12.5", "versionType": "semver", "lessThanOrEqual": "5.12.*"}, {"status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["kernel/sched/core.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/687f523c134b7f0bd040ee1230f6d17990d54172"}, {"url": "https://git.kernel.org/stable/c/f7347c85490b92dd144fa1fba9e1eca501656ab3"}, {"url": "https://git.kernel.org/stable/c/3da3f804b82a0a382d523a21acf4cf3bb35f936d"}, {"url": "https://git.kernel.org/stable/c/42ee47c7e3569d9a0e2cb5053c496d97d380472f"}, {"url": "https://git.kernel.org/stable/c/6d2f8909a5fabb73fe2a63918117943986c39b6c"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: Fix out-of-bound access in uclamp\n\nUtil-clamp places tasks in different buckets based on their clamp values\nfor performance reasons. However, the size of buckets is currently\ncomputed using a rounding division, which can lead to an off-by-one\nerror in some configurations.\n\nFor instance, with 20 buckets, the bucket size will be 1024/20=51. A\ntask with a clamp of 1024 will be mapped to bucket id 1024/51=20. Sadly,\ncorrect indexes are in range [0,19], hence leading to an out of bound\nmemory access.\n\nClamp the bucket id to fix the issue."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T11:57:19.325Z"}}}, "cveMetadata": {"cveId": "CVE-2021-46993", "state": "PUBLISHED", "dateUpdated": "2024-11-04T11:57:19.325Z", "dateReserved": "2024-02-27T18:42:55.949Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-02-28T08:13:18.494Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: Fix out-of-bound access in uclamp\n\nUtil-clamp places tasks in different buckets based on their clamp values\nfor performance reasons. However, the size of buckets is currently\ncomputed using a rounding division, which can lead to an off-by-one\nerror in some configurations.\n\nFor instance, with 20 buckets, the bucket size will be 1024/20=51. A\ntask with a clamp of 1024 will be mapped to bucket id 1024/51=20. Sadly,\ncorrect indexes are in range [0,19], hence leading to an out of bound\nmemory access.\n\nClamp the bucket id to fix the issue."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: sched: corrige el acceso fuera de los l\u00edmites en uclamp Util-clamp coloca las tareas en diferentes dep\u00f3sitos seg\u00fan sus valores de fijaci\u00f3n por razones de rendimiento. Sin embargo, el tama\u00f1o de los dep\u00f3sitos se calcula actualmente mediante una divisi\u00f3n de redondeo, lo que puede provocar un error de uno por uno en algunas configuraciones. Por ejemplo, con 20 dep\u00f3sitos, el tama\u00f1o del dep\u00f3sito ser\u00e1 1024/20=51. Una tarea con una abrazadera de 1024 se asignar\u00e1 al ID del dep\u00f3sito 1024/51=20. Lamentablemente, los \u00edndices correctos est\u00e1n en el rango [0,19], lo que provoca un acceso a la memoria fuera de los l\u00edmites. Sujete la identificaci\u00f3n del dep\u00f3sito para solucionar el problema."}], "id": "CVE-2021-46993", "lastModified": "2024-02-28T14:06:45.783", "metrics": {}, "published": "2024-02-28T09:15:37.880", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3da3f804b82a0a382d523a21acf4cf3bb35f936d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/42ee47c7e3569d9a0e2cb5053c496d97d380472f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/687f523c134b7f0bd040ee1230f6d17990d54172"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6d2f8909a5fabb73fe2a63918117943986c39b6c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f7347c85490b92dd144fa1fba9e1eca501656ab3"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: sched: Fix out-of-bound access in uclamp", "id": "2266888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266888"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "status": "draft"}, "cwe": "CWE-125", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nsched: Fix out-of-bound access in uclamp\nUtil-clamp places tasks in different buckets based on their clamp values\nfor performance reasons. However, the size of buckets is currently\ncomputed using a rounding division, which can lead to an off-by-one\nerror in some configurations.\nFor instance, with 20 buckets, the bucket size will be 1024/20=51. A\ntask with a clamp of 1024 will be mapped to bucket id 1024/51=20. Sadly,\ncorrect indexes are in range [0,19], hence leading to an out of bound\nmemory access.\nClamp the bucket id to fix the issue."], "name": "CVE-2021-46993", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-46993\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-46993\nhttps://lore.kernel.org/linux-cve-announce/2024022826-CVE-2021-46993-da22@gregkh/T/#u"], "threat_severity": "Moderate", "upstream_fix": "kernel 5.4.120, kernel 5.10.38, kernel 5.11.22, kernel 5.12.5, kernel 5.13"}