CVE-2021-47101

Description

In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asix_mdio_read() asix_read_cmd() may read less than sizeof(smsr) bytes and in this case smsr will be uninitialized. Fail log: BUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] BUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497 BUG: KMSAN: uninit-value in asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497 asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497 asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

References

• https://access.redhat.com/errata/RHSA-2024:9315
• https://errata.rockylinux.org/RLSA-2024:7000
• https://errata.rockylinux.org/RLSA-2024:7001
• https://www.suse.com/security/cve/CVE-2021-47101.html
• https://security-tracker.debian.org/tracker/CVE-2021-47101
• https://access.redhat.com/errata/RHSA-2024:7000
• https://bugzilla.redhat.com/2258012
• https://bugzilla.redhat.com/2258013
• https://bugzilla.redhat.com/2260038
• https://bugzilla.redhat.com/2265799
• https://bugzilla.redhat.com/2265838
• https://bugzilla.redhat.com/2266358
• https://bugzilla.redhat.com/2266750
• https://bugzilla.redhat.com/2267036
• https://bugzilla.redhat.com/2267041
• https://bugzilla.redhat.com/2267795
• https://bugzilla.redhat.com/2267916
• https://bugzilla.redhat.com/2267925
• https://bugzilla.redhat.com/2268295
• https://bugzilla.redhat.com/2270103
• https://bugzilla.redhat.com/2271648
• https://bugzilla.redhat.com/2271796
• https://bugzilla.redhat.com/2272793
• https://bugzilla.redhat.com/2273141
• https://bugzilla.redhat.com/2273148