CVE-2021-46920

low-risk
Published 2024-02-27

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback Current code blindly writes over the SWERR and the OVERFLOW bits. Write back the bits actually read instead so the driver avoids clobbering the OVERFLOW bit that comes after the register is read.

Do I need to act?

-
0.01% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
LOCAL / LOW complexity

Affected Products (1)

Affected Vendors

Linux

References (6)

Patch https://git.kernel.org/stable/c/02981a44a0e402089775416371bd2e0c935685f8
Patch https://git.kernel.org/stable/c/a5ad12d5d69c63af289a37f05187a0c6fe93553d
Patch https://git.kernel.org/stable/c/ea941ac294d75d0ace50797aebf0056f6f8f7a7f
Patch https://git.kernel.org/stable/c/02981a44a0e402089775416371bd2e0c935685f8
Patch https://git.kernel.org/stable/c/a5ad12d5d69c63af289a37f05187a0c6fe93553d
Patch https://git.kernel.org/stable/c/ea941ac294d75d0ace50797aebf0056f6f8f7a7f
23
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal