VYPR
High severity7.1NVD Advisory· Published Feb 28, 2024· Updated Jun 17, 2026

CVE-2021-46993

CVE-2021-46993

Description

In the Linux kernel, the following vulnerability has been resolved:

sched: Fix out-of-bound access in uclamp

Util-clamp places tasks in different buckets based on their clamp values for performance reasons. However, the size of buckets is currently computed using a rounding division, which can lead to an off-by-one error in some configurations.

For instance, with 20 buckets, the bucket size will be 1024/20=51. A task with a clamp of 1024 will be mapped to bucket id 1024/51=20. Sadly, correct indexes are in range [0,19], hence leading to an out of bound memory access.

Clamp the bucket id to fix the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Linux/Kernelllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 5.3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.