CVE-2021-4460: Out-of-bounds Read in Linux

Severity: 7.1 HIGH (NVD)
EPSS: 0.0% (top 97.09%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 1

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: Fix UBSAN shift-out-of-bounds warning

If get_num_sdma_queues or get_num_xgmi_sdma_queues is 0, we end up doing a shift operation where the number of bits shifted equals number of bits in the operand. This behaviour is undefined.

Set num_sdma_queues or num_xgmi_sdma_queues to ULLONG_MAX, if the count is >= number of bits in the operand.

Bug: https://gitlab.freedesktop.org/drm/amd/-/issues/1472
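The failure mode in the description above, as an added example that is not the kernel's code: a queue bitmap built with a shift whose count can reach the operand width, next to a guarded version. The names `queue_bitmap` and `shift_count_ok`, the unguarded expression in the comment, and the empty mask returned for a count of 0 are assumptions made for illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MASK_BITS (sizeof(uint64_t) * CHAR_BIT)   /* 64: width of the bitmap operand */

/*
 * Unguarded pattern (assumed shape of the bug, kept as a comment only):
 *     mask = ~0ULL >> (MASK_BITS - n);
 * For n == 0 the shift count equals the operand width, which C leaves
 * undefined; for n > MASK_BITS the unsigned subtraction wraps around.
 */

/* A shift is defined only when the count is smaller than the operand width. */
static bool shift_count_ok(unsigned int count)
{
    return count < MASK_BITS;
}

/*
 * Hypothetical helper: bitmap with the low n bits set, one bit per queue.
 * n >= MASK_BITS saturates to ULLONG_MAX, the rule the description gives.
 * Returning an empty mask for n == 0 is this example's assumption.
 */
static uint64_t queue_bitmap(unsigned int n)
{
    if (n == 0)
        return 0;
    if (!shift_count_ok(n))
        return ULLONG_MAX;
    return (UINT64_C(1) << n) - 1;   /* 1 <= n <= 63: count is in range */
}

int main(void)
{
    const unsigned int counts[] = { 0, 1, 8, 63, 64, 200 };  /* constructed inputs */

    for (size_t i = 0; i < sizeof(counts) / sizeof(counts[0]); i++)
        printf("n=%3u mask=0x%016llx\n", counts[i],
               (unsigned long long)queue_bitmap(counts[i]));
    return 0;
}
```

Building the unguarded form with `-fsanitize=shift` reports the same class of UBSAN warning the commit title names.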

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Exploitability: 1.8 | Impact: 5.2

Affected Packages (4 packages)

NVD | linux/linux_kernel | 5.5, 5.10.36 | +3
Debian | linux/linux_kernel | < 5.10.38-1 | +3
CVEListV5 | linux/linux | 4a488a7ad71401169cecee75dc94bcce642e2c53, 0c0356ef2498c1a250fe3846f30293f828737309 | +5
debian | debian/linux | < linux 5.10.38-1 (bookworm)

Patches

🔴 Vulnerability Details (2)

OSV (2025-10-01)
CVE-2021-4460: In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning If get_num_sdma_queues or get_nu

GHSA (2025-10-01)
GHSA-qxqc-pxc7-f648: In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning If get_num_sdma_queues or get_

📋 Vendor Advisories (2)

Red Hat (2025-10-01)
kernel: Linux kernel: integer overflow and information disclosure via undefined shift operation in drm/amdkfd

Debian (2021)
CVE-2021-4460: linux - In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd:...

💬 Community (1)

Bugzilla (2025-10-01)
CVE-2021-4460 kernel: Linux kernel: integer overflow and information disclosure via undefined shift operation in drm/amdkfd