CVE-2021-47135 in Linuxinfo

Summary

by MITRE • 03/15/2024

In the Linux kernel, the following vulnerability has been resolved:

mt76: mt7921: fix possible AOOB issue in mt7921_mcu_tx_rate_report

Fix possible array out of bound access in mt7921_mcu_tx_rate_report. Remove unnecessary varibable in mt7921_mcu_tx_rate_report

Be aware that VulDB is the high quality source for vulnerability data.

Analysis

by VulDB Data Team • 02/27/2025

The vulnerability identified as CVE-2021-47135 affects the Linux kernel's mt76 wireless driver module, specifically within the mt7921 chipset implementation. This issue resides in the mcu_tx_rate_report function which handles transmission rate reporting for wireless network operations. The vulnerability represents a potential array out of bounds access condition that could be exploited by malicious actors to disrupt normal system operations or potentially execute arbitrary code. The flaw is particularly concerning as it occurs within the kernel space wireless driver component that manages critical network communication functions for devices utilizing MediaTek mt7921 chipsets.

The technical flaw manifests as an array out of bounds access within the mt7921_mcu_tx_rate_report function, which processes transmission rate reports from wireless network devices. This condition arises from improper bounds checking when accessing array elements during rate reporting operations. The vulnerability stems from a logic error where the driver fails to validate array indices before accessing memory locations, potentially allowing attackers to manipulate the index values to access memory outside the intended array boundaries. The fix addresses this by removing an unnecessary variable that was contributing to the improper bounds calculation and by implementing proper array boundary validation. This type of vulnerability falls under CWE-129 Input Validation and OWASP Top Ten category A03: Injection, as it involves improper handling of array indices that could be manipulated by external inputs.

The operational impact of this vulnerability extends beyond simple system instability, potentially affecting network connectivity and overall system security for devices running affected Linux kernels. Systems utilizing MediaTek mt7921 wireless chipsets in enterprise environments, consumer devices, or embedded systems could experience denial of service conditions when the vulnerable function is invoked during normal wireless operations. The vulnerability could be exploited through malformed wireless transmission rate reports that trigger the out of bounds access condition, potentially leading to kernel crashes, system hangs, or more severe security implications depending on the specific exploitation vector. Network administrators should be particularly concerned about devices that frequently exchange wireless transmission rate information, as this would increase the likelihood of triggering the vulnerability.

Mitigation strategies should focus on applying the kernel patch that resolves the array out of bounds issue by properly validating array indices and removing the problematic variable from the mt7921_mcu_tx_rate_report function. System administrators should prioritize updating affected Linux distributions to versions containing the fix, particularly for devices running kernel versions prior to the patched release. Organizations should implement monitoring for unusual wireless network behavior or system crashes that might indicate exploitation attempts. The fix aligns with ATT&CK technique T1059 Command and Scripting Interpreter where adversaries might attempt to exploit kernel vulnerabilities to gain elevated privileges, making timely patching essential for maintaining system integrity. Additionally, implementing network segmentation and access controls for wireless infrastructure can provide additional defense in depth against potential exploitation attempts targeting this specific vulnerability.

Reservation

03/04/2024

Disclosure

03/15/2024

Moderation

accepted

CPE

ready

EPSS

0.00216

KEV

no

Activities

very low

Sources

Might our Artificial Intelligence support you?

Check our Alexa App!