Common Weakness Enumeration

CWE-191

Allowed

Integer Underflow (Wrap or Wraparound)

Abstraction: Base · Status: Draft

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

642 vulnerabilities reference this CWE, most recent first.

GHSA-9X9Q-GXG4-G22G

Vulnerability from github – Published: 2022-05-14 03:25 – Updated: 2022-05-14 03:25
VLAI
Details

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, in an EMM command, an integer underflow can occur.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2015-9167"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-18T14:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, in an EMM command, an integer underflow can occur.",
  "id": "GHSA-9x9q-gxg4-g22g",
  "modified": "2022-05-14T03:25:51Z",
  "published": "2022-05-14T03:25:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9167"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2018-04-01"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/103671"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C3MC-R2X5-RWMF

Vulnerability from github – Published: 2023-01-11 00:30 – Updated: 2023-01-14 06:30
VLAI
Details

An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-4338"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125",
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-01-10T22:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.",
  "id": "GHSA-c3mc-r2x5-rwmf",
  "modified": "2023-01-14T06:30:28Z",
  "published": "2023-01-11T00:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4338"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openvswitch/ovs/pull/405"
    },
    {
      "type": "WEB",
      "url": "https://mail.openvswitch.org/pipermail/ovs-dev/2022-December/400596.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202311-16"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5319"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2022/12/21/4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C5FJ-M6RF-9968

Vulnerability from github – Published: 2024-04-09 18:30 – Updated: 2024-04-09 18:30
VLAI
Details

Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-26244"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-09T17:15:45Z",
    "severity": "HIGH"
  },
  "details": "Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability",
  "id": "GHSA-c5fj-m6rf-9968",
  "modified": "2024-04-09T18:30:26Z",
  "published": "2024-04-09T18:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26244"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26244"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C5G3-QQP2-F4CV

Vulnerability from github – Published: 2021-12-18 00:00 – Updated: 2022-07-02 00:00
VLAI
Details

Integer Underflow vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, MELSOFT Navigator all versions and EZSocket all versions allows an attacker to cause a DoS condition in the software by getting a user to open malicious project file specially crafted by an attacker.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-20607"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-17T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Integer Underflow vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior, MELSOFT Navigator all versions and EZSocket all versions allows an attacker to cause a DoS condition in the software by getting a user to open malicious project file specially crafted by an attacker.",
  "id": "GHSA-c5g3-qqp2-f4cv",
  "modified": "2022-07-02T00:00:25Z",
  "published": "2021-12-18T00:00:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20607"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/vu/JVNVU93817405/index.html"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-350-05"
    },
    {
      "type": "WEB",
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-021_en.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C693-JH58-C8CM

Vulnerability from github – Published: 2023-06-16 21:30 – Updated: 2024-04-04 04:55
VLAI
Details

An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-35790"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-16T21:15:09Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop.",
  "id": "GHSA-c693-jh58-c8cm",
  "modified": "2024-04-04T04:55:31Z",
  "published": "2023-06-16T21:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35790"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libjxl/libjxl/pull/2551"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libjxl/libjxl/releases/tag/v0.8.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C6HR-V224-3W2W

Vulnerability from github – Published: 2026-05-28 12:30 – Updated: 2026-06-19 15:33
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

dm-thin: fix metadata refcount underflow

There's a bug in dm-thin in the function rebalance_children. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and then decrement the child's reference count.

If the child node is shared (it has reference count > 1), we won't free it, so there would be two pointers to each of the grandchildren nodes. But the reference counts of the grandchildren is not increased, thus the reference count doesn't match the number of pointers that point to the grandchildren. This results in "device mapper: space map common: unable to decrement block" errors.

Fix this bug by incrementing reference counts on the grandchildren if the btree node is shared.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-46107"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-28T10:16:26Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-thin: fix metadata refcount underflow\n\nThere\u0027s a bug in dm-thin in the function rebalance_children. If the\ninternal btree node has one entry, the code tries to copy all btree\nentries from the node\u0027s child to the node itself and then decrement the\nchild\u0027s reference count.\n\nIf the child node is shared (it has reference count \u003e 1), we won\u0027t free\nit, so there would be two pointers to each of the grandchildren nodes.\nBut the reference counts of the grandchildren is not increased, thus the\nreference count doesn\u0027t match the number of pointers that point to the\ngrandchildren. This results in \"device mapper: space map common: unable\nto decrement block\" errors.\n\nFix this bug by incrementing reference counts on the grandchildren if the\nbtree node is shared.",
  "id": "GHSA-c6hr-v224-3w2w",
  "modified": "2026-06-19T15:33:13Z",
  "published": "2026-05-28T12:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46107"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/09a65adc7d8bbfce06392cb6d375468e2728ead5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/12161e03d33afce781f68fa11cc6060538862fad"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/323d252a4a378834e4fe68298ca61cfc5dd3a460"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5ec0debbcfd43596e32c1239e993de06a704e04c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/85311a585a26640760cd0f3349ab9f2905691044"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b719d12cb94df345e9ad2715fd0abe9afcaeb111"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f06f6aededd792a754cd677c02b3d3016d868c2c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f49b41c9eb7c6ff00df27cd49cea210abbadd8ad"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C76W-89Q6-H938

Vulnerability from github – Published: 2022-05-14 01:09 – Updated: 2022-05-14 01:09
VLAI
Details

The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-8924"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-05-12T21:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.",
  "id": "GHSA-c76w-89q6-h938",
  "modified": "2022-05-14T01:09:55Z",
  "published": "2022-05-14T01:09:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8924"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/654b404f2a222f918af9b0cd18ad469d0c941a8e"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=654b404f2a222f918af9b0cd18ad469d0c941a8e"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2017/dsa-3886"
    },
    {
      "type": "WEB",
      "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/98451"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C9GV-4J5C-V56G

Vulnerability from github – Published: 2026-06-25 09:31 – Updated: 2026-06-28 09:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

staging: rtl8723bs: rtw_mlme: add bounds checks before ie_length subtraction

Add guards to ensure ie_length is large enough before subtracting fixed IE offsets to prevent unsigned integer underflow.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-53178"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-25T09:16:35Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8723bs: rtw_mlme: add bounds checks before ie_length subtraction\n\nAdd guards to ensure ie_length is large enough before subtracting\nfixed IE offsets to prevent unsigned integer underflow.",
  "id": "GHSA-c9gv-4j5c-v56g",
  "modified": "2026-06-28T09:31:43Z",
  "published": "2026-06-25T09:31:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53178"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/542d65a6dbd9733baab96313c9fe76a76e93f484"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/88e994c57a79f62d5338231d8d37ee8dd98baffe"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C9QR-JRPQ-4QQR

Vulnerability from github – Published: 2022-05-13 01:25 – Updated: 2022-05-13 01:25
VLAI
Details

Integer underflow in header.c in lha allows remote attackers to have unspecified impact via a large header size value for the (1) level0 or (2) level1 header in a lha archive, which triggers a buffer overflow.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2016-1925"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-01-23T21:59:00Z",
    "severity": "CRITICAL"
  },
  "details": "Integer underflow in header.c in lha allows remote attackers to have unspecified impact via a large header size value for the (1) level0 or (2) level1 header in a lha archive, which triggers a buffer overflow.",
  "id": "GHSA-c9qr-jrpq-4qqr",
  "modified": "2022-05-13T01:25:07Z",
  "published": "2022-05-13T01:25:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1925"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202007-42"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/01/18/3"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/01/18/8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C9VQ-9Q39-5J32

Vulnerability from github – Published: 2024-02-27 21:31 – Updated: 2024-04-10 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

tpm: efi: Use local variable for calculating final log size

When tpm_read_log_efi is called multiple times, which happens when one loads and unloads a TPM2 driver multiple times, then the global variable efi_tpm_final_log_size will at some point become a negative number due to the subtraction of final_events_preboot_size occurring each time. Use a local variable to avoid this integer underflow.

The following issue is now resolved:

Mar 8 15:35:12 hibinst kernel: Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015 Mar 8 15:35:12 hibinst kernel: Workqueue: tpm-vtpm vtpm_proxy_work [tpm_vtpm_proxy] Mar 8 15:35:12 hibinst kernel: RIP: 0010:__memcpy+0x12/0x20 Mar 8 15:35:12 hibinst kernel: Code: 00 b8 01 00 00 00 85 d2 74 0a c7 05 44 7b ef 00 0f 00 00 00 c3 cc cc cc 66 66 90 66 90 48 89 f8 48 89 d1 48 c1 e9 03 83 e2 07 48 a5 89 d1 f3 a4 c3 66 0f 1f 44 00 00 48 89 f8 48 89 d1 f3 a4 Mar 8 15:35:12 hibinst kernel: RSP: 0018:ffff9ac4c0fcfde0 EFLAGS: 00010206 Mar 8 15:35:12 hibinst kernel: RAX: ffff88f878cefed5 RBX: ffff88f878ce9000 RCX: 1ffffffffffffe0f Mar 8 15:35:12 hibinst kernel: RDX: 0000000000000003 RSI: ffff9ac4c003bff9 RDI: ffff88f878cf0e4d Mar 8 15:35:12 hibinst kernel: RBP: ffff9ac4c003b000 R08: 0000000000001000 R09: 000000007e9d6073 Mar 8 15:35:12 hibinst kernel: R10: ffff9ac4c003b000 R11: ffff88f879ad3500 R12: 0000000000000ed5 Mar 8 15:35:12 hibinst kernel: R13: ffff88f878ce9760 R14: 0000000000000002 R15: ffff88f77de7f018 Mar 8 15:35:12 hibinst kernel: FS: 0000000000000000(0000) GS:ffff88f87bd00000(0000) knlGS:0000000000000000 Mar 8 15:35:12 hibinst kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 Mar 8 15:35:12 hibinst kernel: CR2: ffff9ac4c003c000 CR3: 00000001785a6004 CR4: 0000000000060ee0 Mar 8 15:35:12 hibinst kernel: Call Trace: Mar 8 15:35:12 hibinst kernel: tpm_read_log_efi+0x152/0x1a7 Mar 8 15:35:12 hibinst kernel: tpm_bios_log_setup+0xc8/0x1c0 Mar 8 15:35:12 hibinst kernel: tpm_chip_register+0x8f/0x260 Mar 8 15:35:12 hibinst kernel: vtpm_proxy_work+0x16/0x60 [tpm_vtpm_proxy] Mar 8 15:35:12 hibinst kernel: process_one_work+0x1b4/0x370 Mar 8 15:35:12 hibinst kernel: worker_thread+0x53/0x3e0 Mar 8 15:35:12 hibinst kernel: ? process_one_work+0x370/0x370

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-46951"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-27T19:04:06Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: efi: Use local variable for calculating final log size\n\nWhen tpm_read_log_efi is called multiple times, which happens when\none loads and unloads a TPM2 driver multiple times, then the global\nvariable efi_tpm_final_log_size will at some point become a negative\nnumber due to the subtraction of final_events_preboot_size occurring\neach time. Use a local variable to avoid this integer underflow.\n\nThe following issue is now resolved:\n\nMar  8 15:35:12 hibinst kernel: Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\nMar  8 15:35:12 hibinst kernel: Workqueue: tpm-vtpm vtpm_proxy_work [tpm_vtpm_proxy]\nMar  8 15:35:12 hibinst kernel: RIP: 0010:__memcpy+0x12/0x20\nMar  8 15:35:12 hibinst kernel: Code: 00 b8 01 00 00 00 85 d2 74 0a c7 05 44 7b ef 00 0f 00 00 00 c3 cc cc cc 66 66 90 66 90 48 89 f8 48 89 d1 48 c1 e9 03 83 e2 07 \u003cf3\u003e 48 a5 89 d1 f3 a4 c3 66 0f 1f 44 00 00 48 89 f8 48 89 d1 f3 a4\nMar  8 15:35:12 hibinst kernel: RSP: 0018:ffff9ac4c0fcfde0 EFLAGS: 00010206\nMar  8 15:35:12 hibinst kernel: RAX: ffff88f878cefed5 RBX: ffff88f878ce9000 RCX: 1ffffffffffffe0f\nMar  8 15:35:12 hibinst kernel: RDX: 0000000000000003 RSI: ffff9ac4c003bff9 RDI: ffff88f878cf0e4d\nMar  8 15:35:12 hibinst kernel: RBP: ffff9ac4c003b000 R08: 0000000000001000 R09: 000000007e9d6073\nMar  8 15:35:12 hibinst kernel: R10: ffff9ac4c003b000 R11: ffff88f879ad3500 R12: 0000000000000ed5\nMar  8 15:35:12 hibinst kernel: R13: ffff88f878ce9760 R14: 0000000000000002 R15: ffff88f77de7f018\nMar  8 15:35:12 hibinst kernel: FS:  0000000000000000(0000) GS:ffff88f87bd00000(0000) knlGS:0000000000000000\nMar  8 15:35:12 hibinst kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nMar  8 15:35:12 hibinst kernel: CR2: ffff9ac4c003c000 CR3: 00000001785a6004 CR4: 0000000000060ee0\nMar  8 15:35:12 hibinst kernel: Call Trace:\nMar  8 15:35:12 hibinst kernel: tpm_read_log_efi+0x152/0x1a7\nMar  8 15:35:12 hibinst kernel: tpm_bios_log_setup+0xc8/0x1c0\nMar  8 15:35:12 hibinst kernel: tpm_chip_register+0x8f/0x260\nMar  8 15:35:12 hibinst kernel: vtpm_proxy_work+0x16/0x60 [tpm_vtpm_proxy]\nMar  8 15:35:12 hibinst kernel: process_one_work+0x1b4/0x370\nMar  8 15:35:12 hibinst kernel: worker_thread+0x53/0x3e0\nMar  8 15:35:12 hibinst kernel: ? process_one_work+0x370/0x370",
  "id": "GHSA-c9vq-9q39-5j32",
  "modified": "2024-04-10T21:30:29Z",
  "published": "2024-02-27T21:31:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46951"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2f12258b5224cfaa808c54fd29345f3c1cbfca76"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3818b753277f5ca0c170bf5b98e0a5a225542fcb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/48cff270b037022e37835d93361646205ca25101"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/60a01ecc9f68067e4314a0b55148e39e5d58a51b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ac07c557ca12ec9276c0375517bac7ae5be4e50c"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.