VYPR
High severity7.8NVD Advisory· Published May 21, 2024· Updated Jun 17, 2026

CVE-2021-47286

CVE-2021-47286

Description

In the Linux kernel, the following vulnerability has been resolved:

bus: mhi: core: Validate channel ID when processing command completions

MHI reads the channel ID from the event ring element sent by the device which can be any value between 0 and 255. In order to prevent any out of bound accesses, add a check against the maximum number of channels supported by the controller and those channels not configured yet so as to skip processing of that event ring element.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Linux/Kernelllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 5.7

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.