{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47168", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-25T09:12:14.111Z", "datePublished": "2024-03-25T09:16:20.778Z", "dateUpdated": "2024-11-04T12:00:43.949Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T12:00:43.949Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix an incorrect limit in filelayout_decode_layout()\n\nThe \"sizeof(struct nfs_fh)\" is two bytes too large and could lead to\nmemory corruption. It should be NFS_MAXFHSIZE because that's the size\nof the ->data[] buffer.\n\nI reversed the size of the arguments to put the variable on the left."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/nfs/filelayout/filelayout.c"], "versions": [{"version": "16b374ca439f", "lessThan": "9d280ab53df1", "status": "affected", "versionType": "git"}, {"version": "16b374ca439f", "lessThan": "b287521e9e94", "status": "affected", "versionType": "git"}, {"version": "16b374ca439f", "lessThan": "f299522eda15", "status": "affected", "versionType": "git"}, {"version": "16b374ca439f", "lessThan": "945ebef99722", "status": "affected", "versionType": "git"}, {"version": "16b374ca439f", "lessThan": "e411df81cd86", "status": "affected", "versionType": "git"}, {"version": "16b374ca439f", "lessThan": "9b367fe770b1", "status": "affected", "versionType": "git"}, {"version": "16b374ca439f", "lessThan": "d34fb628f6ef", "status": "affected", "versionType": "git"}, {"version": "16b374ca439f", "lessThan": "769b01ea68b6", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/nfs/filelayout/filelayout.c"], "versions": [{"version": "2.6.37", "status": "affected"}, {"version": "0", "lessThan": "2.6.37", "status": "unaffected", "versionType": "semver"}, {"version": "4.4.271", "lessThanOrEqual": "4.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.9.271", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.235", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.193", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.124", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.42", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.12.9", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/9d280ab53df1d4a1043bd7a9e7c6a2f9cfbfe040"}, {"url": "https://git.kernel.org/stable/c/b287521e9e94bb342ebe5fd8c3fd7db9aef4e6f1"}, {"url": "https://git.kernel.org/stable/c/f299522eda1566cbfbae4b15c82970fc41b03714"}, {"url": "https://git.kernel.org/stable/c/945ebef997227ca8c20bad7f8a8358c8ee57a84a"}, {"url": "https://git.kernel.org/stable/c/e411df81cd862ef3d5b878120b2a2fef0ca9cdb1"}, {"url": "https://git.kernel.org/stable/c/9b367fe770b1b80d7bf64ed0d177544a44405f6e"}, {"url": "https://git.kernel.org/stable/c/d34fb628f6ef522f996205a9e578216bbee09e84"}, {"url": "https://git.kernel.org/stable/c/769b01ea68b6c49dc3cde6adf7e53927dacbd3a8"}], "title": "NFS: fix an incorrect limit in filelayout_decode_layout()", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.927Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/9d280ab53df1d4a1043bd7a9e7c6a2f9cfbfe040", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b287521e9e94bb342ebe5fd8c3fd7db9aef4e6f1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f299522eda1566cbfbae4b15c82970fc41b03714", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/945ebef997227ca8c20bad7f8a8358c8ee57a84a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e411df81cd862ef3d5b878120b2a2fef0ca9cdb1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9b367fe770b1b80d7bf64ed0d177544a44405f6e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d34fb628f6ef522f996205a9e578216bbee09e84", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/769b01ea68b6c49dc3cde6adf7e53927dacbd3a8", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47168", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:54:34.857777Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:52.333Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/9d280ab53df1d4a1043bd7a9e7c6a2f9cfbfe040", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b287521e9e94bb342ebe5fd8c3fd7db9aef4e6f1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f299522eda1566cbfbae4b15c82970fc41b03714", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/945ebef997227ca8c20bad7f8a8358c8ee57a84a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e411df81cd862ef3d5b878120b2a2fef0ca9cdb1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9b367fe770b1b80d7bf64ed0d177544a44405f6e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d34fb628f6ef522f996205a9e578216bbee09e84", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/769b01ea68b6c49dc3cde6adf7e53927dacbd3a8", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.927Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47168", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:54:34.857777Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:19.338Z"}}], "cna": {"title": "NFS: fix an incorrect limit in filelayout_decode_layout()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "16b374ca439f", "lessThan": "9d280ab53df1", "versionType": "git"}, {"status": "affected", "version": "16b374ca439f", "lessThan": "b287521e9e94", "versionType": "git"}, {"status": "affected", "version": "16b374ca439f", "lessThan": "f299522eda15", "versionType": "git"}, {"status": "affected", "version": "16b374ca439f", "lessThan": "945ebef99722", "versionType": "git"}, {"status": "affected", "version": "16b374ca439f", "lessThan": "e411df81cd86", "versionType": "git"}, {"status": "affected", "version": "16b374ca439f", "lessThan": "9b367fe770b1", "versionType": "git"}, {"status": "affected", "version": "16b374ca439f", "lessThan": "d34fb628f6ef", "versionType": "git"}, {"status": "affected", "version": "16b374ca439f", "lessThan": "769b01ea68b6", "versionType": "git"}], "programFiles": ["fs/nfs/filelayout/filelayout.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2.6.37"}, {"status": "unaffected", "version": "0", "lessThan": "2.6.37", "versionType": "semver"}, {"status": "unaffected", "version": "4.4.271", "versionType": "semver", "lessThanOrEqual": "4.4.*"}, {"status": "unaffected", "version": "4.9.271", "versionType": "semver", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.235", "versionType": "semver", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.193", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.124", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.42", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.12.9", "versionType": "semver", "lessThanOrEqual": "5.12.*"}, {"status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["fs/nfs/filelayout/filelayout.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/9d280ab53df1d4a1043bd7a9e7c6a2f9cfbfe040"}, {"url": "https://git.kernel.org/stable/c/b287521e9e94bb342ebe5fd8c3fd7db9aef4e6f1"}, {"url": "https://git.kernel.org/stable/c/f299522eda1566cbfbae4b15c82970fc41b03714"}, {"url": "https://git.kernel.org/stable/c/945ebef997227ca8c20bad7f8a8358c8ee57a84a"}, {"url": "https://git.kernel.org/stable/c/e411df81cd862ef3d5b878120b2a2fef0ca9cdb1"}, {"url": "https://git.kernel.org/stable/c/9b367fe770b1b80d7bf64ed0d177544a44405f6e"}, {"url": "https://git.kernel.org/stable/c/d34fb628f6ef522f996205a9e578216bbee09e84"}, {"url": "https://git.kernel.org/stable/c/769b01ea68b6c49dc3cde6adf7e53927dacbd3a8"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix an incorrect limit in filelayout_decode_layout()\n\nThe \"sizeof(struct nfs_fh)\" is two bytes too large and could lead to\nmemory corruption. It should be NFS_MAXFHSIZE because that's the size\nof the ->data[] buffer.\n\nI reversed the size of the arguments to put the variable on the left."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T12:00:43.949Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47168", "state": "PUBLISHED", "dateUpdated": "2024-11-04T12:00:43.949Z", "dateReserved": "2024-03-25T09:12:14.111Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-03-25T09:16:20.778Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix an incorrect limit in filelayout_decode_layout()\n\nThe \"sizeof(struct nfs_fh)\" is two bytes too large and could lead to\nmemory corruption. It should be NFS_MAXFHSIZE because that's the size\nof the ->data[] buffer.\n\nI reversed the size of the arguments to put the variable on the left."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: NFS: corrige un l\u00edmite incorrecto en filelayout_decode_layout() El \"sizeof(struct nfs_fh)\" es dos bytes demasiado grande y podr\u00eda provocar da\u00f1os en la memoria. Deber\u00eda ser NFS_MAXFHSIZE porque ese es el tama\u00f1o del b\u00fafer ->datos[]. Invert\u00ed el tama\u00f1o de los argumentos para poner la variable a la izquierda."}], "id": "CVE-2021-47168", "lastModified": "2024-03-25T13:47:14.087", "metrics": {}, "published": "2024-03-25T10:15:08.773", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/769b01ea68b6c49dc3cde6adf7e53927dacbd3a8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/945ebef997227ca8c20bad7f8a8358c8ee57a84a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9b367fe770b1b80d7bf64ed0d177544a44405f6e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9d280ab53df1d4a1043bd7a9e7c6a2f9cfbfe040"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b287521e9e94bb342ebe5fd8c3fd7db9aef4e6f1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d34fb628f6ef522f996205a9e578216bbee09e84"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e411df81cd862ef3d5b878120b2a2fef0ca9cdb1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f299522eda1566cbfbae4b15c82970fc41b03714"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: NFS: fix an incorrect limit in filelayout_decode_layout()", "id": "2271432", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271432"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-99", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nNFS: fix an incorrect limit in filelayout_decode_layout()\nThe \"sizeof(struct nfs_fh)\" is two bytes too large and could lead to\nmemory corruption. It should be NFS_MAXFHSIZE because that's the size\nof the ->data[] buffer.\nI reversed the size of the arguments to put the variable on the left.", "A vulnerability was found in the NFS implementation in Linux Kernel causing memory corruption due to an incorrect size limit in filelayout_decode_layout(). Using \"sizeof(struct nfs_fh)\" instead of NFS_MAXFHSIZE led to buffer overflow by two bytes leads to potential memory corruption."], "mitigation": {"lang": "en:us", "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."}, "name": "CVE-2021-47168", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-03-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47168\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47168\nhttps://lore.kernel.org/linux-cve-announce/2024032536-CVE-2021-47168-2916@gregkh/T"], "threat_severity": "Moderate", "upstream_fix": "kernel 4.4.271, kernel 4.9.271, kernel 4.14.235, kernel 4.19.193, kernel 5.4.124, kernel 5.10.42, kernel 5.12.9, kernel 5.13"}