SB20240608103 - Division by zero in Linux kernel infiniband core driver
Published: June 8, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240608103
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Division by zero (CVE-ID: CVE-2021-47080)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the UVERBS_HANDLER() function in drivers/infiniband/core/uverbs_std_types_device.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/66ab7fcdac34b890017f04f391507ef5b2b89a13
- https://git.kernel.org/stable/c/e6871b4270c05f8b212e7d98aee82b357972c80a
- https://git.kernel.org/stable/c/54d87913f147a983589923c7f651f97de9af5be1
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.40
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.7
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13