dev->config_size". The problem is that since both variables are unsigned the "dev->config_size - offset" subtraction would result in a very high unsigned value. I think these checks might not be necessary because "len" and "offset" are supposed to already have been validated using the vhost_vdpa_config_validate() function. But I do not know the code perfectly, and I like to be safe. "> ,dev->config_size".,The problem,is,that,since,both,variables,are,unsigned,the "dev->config_size,-,offset",subtraction,would,result,in,a,very,high unsigned,value.,I,think,these,checks,might,not,be,necessary,because "len",and,"offset",are,supposed,to,already,have,been,validated,using the,vhost_vdpa_config_validate(),function.,But,I,do,not,know,the,code perfectly,,and,I,like,to,be,safe. "> SecuritySpace - CVE-2021-47604
 
English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2021-47604
Description:In the Linux kernel, the following vulnerability has been resolved: vduse: check that offset is within bounds in get_config() This condition checks "len" but it does not check "offset" and that could result in an out of bounds read if "offset > dev->config_size". The problem is that since both variables are unsigned the "dev->config_size - offset" subtraction would result in a very high unsigned value. I think these checks might not be necessary because "len" and "offset" are supposed to already have been validated using the vhost_vdpa_config_validate() function. But I do not know the code perfectly, and I like to be safe.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2021-47604
https://git.kernel.org/stable/c/dc1db0060c02d119fd4196924eff2d1129e9a442
https://git.kernel.org/stable/c/dc1db0060c02d119fd4196924eff2d1129e9a442
https://git.kernel.org/stable/c/ebbbc5fea3f648175df1aa3f127c78eb0252cc2a
https://git.kernel.org/stable/c/ebbbc5fea3f648175df1aa3f127c78eb0252cc2a



© 1998-2025 E-Soft Inc. All rights reserved.