{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/centos6els/vex/2021/cve-2021-47219-els_os-centos6els.json" } ], "title": "Security update on CVE-2021-47219", "tracking": { "current_release_date": "2025-12-23T20:26:03Z", "generator": { "date": "2025-12-23T20:26:03Z", "engine": { "name": "pyCSAF" } }, "id": "CVE-2021-47219-ELS_OS-CENTOS6ELS", "initial_release_date": "2021-01-01T00:00:00Z", "revision_history": [ { "date": "2021-01-01T00:00:00Z", "number": "1", "summary": "Initial version" }, { "date": "2025-06-09T14:39:23Z", "number": "2", "summary": "Official Publication" }, { "date": "2025-12-23T20:26:03Z", "number": "3", "summary": "Update document" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Community Enterprise Operating System 6", "product": { "name": "Community Enterprise Operating System 6", "product_id": "CentOS-6", "product_identification_helper": { "cpe": "cpe:2.3:o:centos:centos:6:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Community Enterprise Operating System" } ], "category": "vendor", "name": "Red Hat, Inc." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product": { "name": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_id": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel@2.6.32-754.35.8.el6.tuxcare.els22?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product": { "name": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_id": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug@2.6.32-754.35.8.el6.tuxcare.els22?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product": { "name": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_id": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-devel@2.6.32-754.35.8.el6.tuxcare.els22?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product": { "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_id": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug-devel@2.6.32-754.35.8.el6.tuxcare.els22?arch=x86_64" } } }, { "category": "product_version", "name": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product": { "name": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_id": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/python-perf@2.6.32-754.35.8.el6.tuxcare.els22?arch=x86_64" } } }, { "category": "product_version", "name": "perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product": { "name": "perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_id": "perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/perf@2.6.32-754.35.8.el6.tuxcare.els22?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product": { "name": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_id": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-headers@2.6.32-754.35.8.el6.tuxcare.els22?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "product": { "name": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "product_id": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-abi-whitelists@2.6.32-754.35.8.el6.tuxcare.els22?arch=noarch" } } }, { "category": "product_version", "name": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "product": { "name": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "product_id": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-firmware@2.6.32-754.35.8.el6.tuxcare.els22?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "product": { "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "product_id": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug-devel@2.6.32-754.35.8.el6.tuxcare.els22?arch=i686" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "CloudLinux" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" }, "product_reference": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch" }, "product_reference": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" }, "product_reference": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" }, "product_reference": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686" }, "product_reference": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" }, "product_reference": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" }, "product_reference": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch" }, "product_reference": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" }, "product_reference": "perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" }, "product_reference": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "relates_to_product_reference": "CentOS-6" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-47219", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()\n\nThe following issue was observed running syzkaller:\n\nBUG: KASAN: slab-out-of-bounds in memcpy include/linux/string.h:377 [inline]\nBUG: KASAN: slab-out-of-bounds in sg_copy_buffer+0x150/0x1c0 lib/scatterlist.c:831\nRead of size 2132 at addr ffff8880aea95dc8 by task syz-executor.0/9815\n\nCPU: 0 PID: 9815 Comm: syz-executor.0 Not tainted 4.19.202-00874-gfc0fe04215a9 #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0xe4/0x14a lib/dump_stack.c:118\n print_address_description+0x73/0x280 mm/kasan/report.c:253\n kasan_report_error mm/kasan/report.c:352 [inline]\n kasan_report+0x272/0x370 mm/kasan/report.c:410\n memcpy+0x1f/0x50 mm/kasan/kasan.c:302\n memcpy include/linux/string.h:377 [inline]\n sg_copy_buffer+0x150/0x1c0 lib/scatterlist.c:831\n fill_from_dev_buffer+0x14f/0x340 drivers/scsi/scsi_debug.c:1021\n resp_report_tgtpgs+0x5aa/0x770 drivers/scsi/scsi_debug.c:1772\n schedule_resp+0x464/0x12f0 drivers/scsi/scsi_debug.c:4429\n scsi_debug_queuecommand+0x467/0x1390 drivers/scsi/scsi_debug.c:5835\n scsi_dispatch_cmd+0x3fc/0x9b0 drivers/scsi/scsi_lib.c:1896\n scsi_request_fn+0x1042/0x1810 drivers/scsi/scsi_lib.c:2034\n __blk_run_queue_uncond block/blk-core.c:464 [inline]\n __blk_run_queue+0x1a4/0x380 block/blk-core.c:484\n blk_execute_rq_nowait+0x1c2/0x2d0 block/blk-exec.c:78\n sg_common_write.isra.19+0xd74/0x1dc0 drivers/scsi/sg.c:847\n sg_write.part.23+0x6e0/0xd00 drivers/scsi/sg.c:716\n sg_write+0x64/0xa0 drivers/scsi/sg.c:622\n __vfs_write+0xed/0x690 fs/read_write.c:485\nkill_bdev:block_device:00000000e138492c\n vfs_write+0x184/0x4c0 fs/read_write.c:549\n ksys_write+0x107/0x240 fs/read_write.c:599\n do_syscall_64+0xc2/0x560 arch/x86/entry/common.c:293\n entry_SYSCALL_64_after_hwframe+0x49/0xbe\n\nWe get 'alen' from command its type is int. If userspace passes a large\nlength we will get a negative 'alen'.\n\nSwitch n, alen, and rlen to u32.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-47219" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/66523553fa62c7878fc5441dc4e82be71934eb77", "url": "https://git.kernel.org/stable/c/66523553fa62c7878fc5441dc4e82be71934eb77" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8440377e1a5644779b4c8d013aa2a917f5fc83c3", "url": "https://git.kernel.org/stable/c/8440377e1a5644779b4c8d013aa2a917f5fc83c3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f347c26836c270199de1599c3cd466bb7747caa9", "url": "https://git.kernel.org/stable/c/f347c26836c270199de1599c3cd466bb7747caa9" } ], "release_date": "2024-04-10T19:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] } ] }