CVE-2021-47347

wl1251: Fix possible buffer overflow in wl1251_cmd_scan

Description

In the Linux kernel, the following vulnerability has been resolved: wl1251: Fix possible buffer overflow in wl1251_cmd_scan Function wl1251_cmd_scan calls memcpy without checking the length. Harden by checking the length is within the maximum allowed size.

Category

8.8
CVSS
Severity: High
CVSS 3.1 •
EPSS 0.77% Top 30%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/57ad99ae3c6738ba87bad259bb57c641ca68ebf6 patch
https://git.kernel.org/stable/c/d3d8b9c9c7843dce31e284927d4c9904fd5a510a patch
https://git.kernel.org/stable/c/0f6c0488368c9ac1aa685821916fadba32f5d1ef patch
https://git.kernel.org/stable/c/115103f6e3f1c26c473766c16439c7c8b235529a patch
https://git.kernel.org/stable/c/d71dddeb5380613f9ef199f3e7368fd78fb1a46e patch
https://git.kernel.org/stable/c/c5e4a10d7bd5d4f419d8b9705dff60cf69b302a1 patch
https://git.kernel.org/stable/c/302e2ee34c5f7c5d805b7f835d9a6f2b43474e2a patch
https://git.kernel.org/stable/c/40af3960a15339e8bbd3be50c3bc7b35e1a0b6ea patch
https://git.kernel.org/stable/c/d10a87a3535cce2b890897914f5d0d83df669c63 patch

Frequently Asked Questions

What is the severity of CVE-2021-47347?
CVE-2021-47347 has been scored as a high severity vulnerability.
How to fix CVE-2021-47347?
To fix CVE-2021-47347, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-47347 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2021-47347 is being actively exploited. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-47347?
CVE-2021-47347 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.