In the Linux kernel, the following vulnerability has been resolved:
asix: fix uninit-value in asix_mdio_read()
asix_read_cmd() may read less than sizeof(smsr) bytes and in this case
smsr will be uninitialized.
Fail log:
BUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline]
BUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497
BUG: KMSAN: uninit-value in asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497
asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline]
asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497
asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497
References
Configurations
Configuration 1 (hide)
|
History
03 Feb 2025, 14:02
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.1 |
| First Time |
Linux linux Kernel
Linux |
|
| CWE | CWE-908 | |
| CPE | cpe:2.3:o:linux:linux_kernel:5.16:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.16:rc6:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.16:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.16:rc4:*:*:*:*:*:* |
|
| References | () https://git.kernel.org/stable/c/8035b1a2a37a29d8c717ef84fca8fe7278bc9f03 - Patch | |
| References | () https://git.kernel.org/stable/c/d259f621c85949f30cc578cac813b82bb5169f56 - Patch |
Information
Published : 2024-03-04 18:15
Updated : 2025-02-03 14:02
NVD link : CVE-2021-47101
Mitre link : CVE-2021-47101
CVE.ORG link : CVE-2021-47101
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-908
Use of Uninitialized Resource