Security Advisory

CVE-2021-47286

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-21 14:34:47
Last updated 2026-05-11 13:51:33
Assigner Linux
State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Validate channel ID when processing command completions MHI reads the channel ID from the event ring element sent by the device which can be any value between 0 and 255. In order to prevent any out of bound accesses, add a check against the maximum number of channels supported by the controller and those channels not configured yet so as to skip processing of that event ring element.