U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

NOTICE UPDATED - May, 29th 2024

The NVD has a new announcement page with status updates, news, and how to stay connected!

CVE-2021-47511 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix negative period/buffer sizes The period size calculation in OSS layer may receive a negative value as an error, but the code there assumes only the positive values and handle them with size_t. Due to that, a too big value may be passed to the lower layers. This patch changes the code to handle with ssize_t and adds the proper error checks appropriately.


Severity



CVSS 4.0 Severity and Metrics:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.


NVD Analysts use publicly available information to associate vector strings and CVSS scores. We also display any CVSS information provided within the CVE List from the CNA.

Note: NVD Analysts have not published a CVSS score for this CVE at this time. NVD Analysts use publicly available information at the time of analysis to associate CVSS vector strings.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/00a860678098fcd9fa8db2b5fb9d2ddf4776d4cc
https://git.kernel.org/stable/c/02b2b691b77cd7b951fa7b6c9d44d4e472cdc823
https://git.kernel.org/stable/c/502e1146873d870f87da3b8f93d6bf2de5f38d0c
https://git.kernel.org/stable/c/8af815ab052eaf74addbbfb556d63ce2137c0e1b
https://git.kernel.org/stable/c/9d2479c960875ca1239bcb899f386970c13d9cfe
https://git.kernel.org/stable/c/be8869d388593e57223ad39297c8e54be632f2f2
https://git.kernel.org/stable/c/f12c8a7515f641885677960af450082569a87243
https://git.kernel.org/stable/c/f96c0959c1ee92adc911c10d6ec209af50105049

Weakness Enumeration

CWE-ID CWE Name Source

Change History

2 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2021-47511
NVD Published Date:
05/24/2024
NVD Last Modified:
05/24/2024
Source:
kernel.org