CVE-2021-43975

Description

In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://www.suse.com/security/cve/CVE-2021-43975.html
• https://security-tracker.debian.org/tracker/CVE-2021-43975
• https://access.redhat.com/errata/RHSA-2023:7077
• https://bugzilla.redhat.com/2024989
• https://bugzilla.redhat.com/2073091
• https://bugzilla.redhat.com/2133453
• https://bugzilla.redhat.com/2133455
• https://bugzilla.redhat.com/2139610
• https://bugzilla.redhat.com/2147356
• https://bugzilla.redhat.com/2148520
• https://bugzilla.redhat.com/2149024
• https://bugzilla.redhat.com/2151317
• https://bugzilla.redhat.com/2156322
• https://bugzilla.redhat.com/2165741
• https://bugzilla.redhat.com/2165926
• https://bugzilla.redhat.com/2168332
• https://bugzilla.redhat.com/2173403
• https://bugzilla.redhat.com/2173430
• https://bugzilla.redhat.com/2173434
• https://bugzilla.redhat.com/2173444
• https://bugzilla.redhat.com/2174400
• https://bugzilla.redhat.com/2175903
• https://bugzilla.redhat.com/2176140
• https://bugzilla.redhat.com/2177371
• https://bugzilla.redhat.com/2177389

💬 Discuss CVE-2021-43975 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.