rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2022/11/18/1 | Third Party Advisory |
http://www.openwall.com/lists/oss-security/2022/11/21/2 | Third Party Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=74b6b20df8cfe90ada777d621b54c32e69e27cd7 | Mailing List Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJPVQZPY3DHPV5I3IVNMSMO6D3PKZISX/ | |
https://security.netapp.com/advisory/ntap-20210507-0008/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
History
09 Nov 2023, 14:44
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h300e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h700e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h500e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:*:*:*:*:*:*:* |
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* |
First Time |
Netapp h500e Firmware
Netapp h300e Netapp h410s Netapp h500e Netapp h700s Netapp h700e Netapp h500s Firmware Netapp h700e Firmware Netapp h410s Firmware Netapp h700s Firmware Netapp h500s Netapp h300e Firmware Netapp h300s Firmware Netapp h300s |
07 Nov 2023, 03:32
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2021-03-17 15:15
Updated : 2024-02-28 18:08
NVD link : CVE-2021-28660
Mitre link : CVE-2021-28660
CVE.ORG link : CVE-2021-28660
JSON object : View
Products Affected
debian
- debian_linux
netapp
- h500e_firmware
- h500e
- h700s
- solidfire_baseboard_management_controller_firmware
- solidfire_baseboard_management_controller
- h700s_firmware
- h410s
- cloud_backup
- h300e
- h500s
- h300s
- h300s_firmware
- h500s_firmware
- h700e
- h700e_firmware
- h300e_firmware
- h410s_firmware
linux
- linux_kernel
fedoraproject
- fedora
CWE
CWE-787
Out-of-bounds Write