CVE-2021-47432

low-risk
Published 2024-05-21

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek() When we started spreading new inode numbers throughout most of the 64 bit inode space, that triggered some corner case bugs, in particular some integer overflows related to the radix tree code. Oops.

Do I need to act?

-
0.01% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
LOCAL / LOW complexity

Affected Products (1)

Affected Vendors

Linux

References (8)

Patch https://git.kernel.org/stable/c/784d01f9bbc282abb0c5ade5beb98a87f50343ac
Patch https://git.kernel.org/stable/c/9492261ff2460252cf2d8de89cdf854c7e2b28a0
Patch https://git.kernel.org/stable/c/aa7f1827953100cdde0795289a80c6c077bfe437
Patch https://git.kernel.org/stable/c/ec298b958cb0c40d70c68079da933c8f31c5134c
Patch https://git.kernel.org/stable/c/784d01f9bbc282abb0c5ade5beb98a87f50343ac
Patch https://git.kernel.org/stable/c/9492261ff2460252cf2d8de89cdf854c7e2b28a0
Patch https://git.kernel.org/stable/c/aa7f1827953100cdde0795289a80c6c077bfe437
Patch https://git.kernel.org/stable/c/ec298b958cb0c40d70c68079da933c8f31c5134c
23
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal