vulnerability
Ubuntu: (CVE-2021-47138): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:L/Au:S/C:C/I:N/A:C) | Mar 25, 2024 | Nov 19, 2024 | Sep 1, 2025 |
Severity
6
CVSS
(AV:L/AC:L/Au:S/C:C/I:N/A:C)
Published
Mar 25, 2024
Added
Nov 19, 2024
Modified
Sep 1, 2025
Description
In the Linux kernel, the following vulnerability has been resolved:
cxgb4: avoid accessing registers when clearing filters
Hardware register having the server TID base can contain
invalid values when adapter is in bad state (for example,
due to AER fatal error). Reading these invalid values in the
register can lead to out-of-bound memory access. So, fix
by using the saved server TID base when clearing filters.
Solutions
ubuntu-upgrade-linuxubuntu-upgrade-linux-awsubuntu-upgrade-linux-aws-5-4ubuntu-upgrade-linux-aws-fipsubuntu-upgrade-linux-azureubuntu-upgrade-linux-azure-5-4ubuntu-upgrade-linux-azure-fipsubuntu-upgrade-linux-bluefieldubuntu-upgrade-linux-fipsubuntu-upgrade-linux-gcpubuntu-upgrade-linux-gcp-5-4ubuntu-upgrade-linux-gcp-fipsubuntu-upgrade-linux-gkeopubuntu-upgrade-linux-hwe-5-4ubuntu-upgrade-linux-kvmubuntu-upgrade-linux-oracleubuntu-upgrade-linux-oracle-5-4ubuntu-upgrade-linux-raspiubuntu-upgrade-linux-raspi-5-4
References
- CVE-2021-47138
- https://attackerkb.com/topics/CVE-2021-47138
- CWE-787
- URL-https://git.kernel.org/stable/c/02f03883fdb10ad7e66717c70ea163a8d27ae6e7
- URL-https://git.kernel.org/stable/c/0bf49b3c8d8b3a43ce09f1b2db70e5484d31fcdf
- URL-https://git.kernel.org/stable/c/285207a558ab456aa7d8aa877ecc7e91fcc51710
- URL-https://git.kernel.org/stable/c/88c380df84fbd03f9b137c2b9d0a44b9f2f553b0
- URL-https://www.cve.org/CVERecord?id=CVE-2021-47138
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.