Cyber Resilience

CVE-2021-47642

High

Published: 26 February 2025

Published
26 February 2025
Modified
23 September 2025
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0001 3.5th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-47642 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Linux Linux Kernel. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 3.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 CM-7 (Least Functionality) and SI-16 (Memory Protection).

Deeper analysis

CVE-2021-47642 is a buffer overflow vulnerability in the Linux kernel's nvidiafb driver within the video framebuffer device (fbdev) subsystem. The issue arises in the nvidia_setup_i2c_bus() function, where strcpy() is used to copy a name parameter into the fixed-size chan->adapter.name buffer (48 characters), potentially allowing an overrun as flagged by Coverity (CID 19036). This affects systems using the nvidiafb module for legacy NVIDIA framebuffer support.

A local attacker with low privileges (PR:L) can exploit this vulnerability with low complexity (AC:L) and no user interaction (UI:N), requiring only local access (AV:L). Successful exploitation could result in high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H), such as arbitrary code execution, data corruption, or system crashes within the kernel context, as indicated by the CVSS v3.1 score of 7.8.

Mitigation involves applying upstream kernel patches that replace strcpy() with strscpy() to safely truncate copies and prevent overflows. Relevant stable kernel commits include 055cdd2e7b992921424d4daaa285ced787fb205f, 08dff482012758935c185532b1ad7d584785a86e, 37a1a2e6eeeb101285cd34e12e48a881524701aa, 41baa86b6c802cdc6ab8ff2d46c083c9be93de81, and 47e5533adf118afaf06d25a3e2aaaab89371b1c5, available via git.kernel.org. Security practitioners should update affected Linux kernels accordingly.

EU & UK References

Vulnerability details

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow Coverity complains of a possible buffer overflow. However, given the 'static' scope of nvidia_setup_i2c_bus() it looks like that can't happen after…

more

examiniing the call sites. CID 19036 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW) 1. fixed_size_dest: You might overrun the 48-character fixed-size string chan->adapter.name by copying name without checking the length. 2. parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function. 89 strcpy(chan->adapter.name, name); Fix this warning by using strscpy() which will silence the warning and prevent any future buffer overflows should the names used to identify the channel become much longer.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local kernel buffer overflow in nvidiafb driver directly enables privilege escalation via arbitrary code execution in kernel context.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-71137Same product: Linux Linux Kernel
CVE-2026-31772Same product: Linux Linux Kernel
CVE-2022-49612Same product: Linux Linux Kernel
CVE-2026-23378Same product: Linux Linux Kernel
CVE-2026-31494Same product: Linux Linux Kernel
CVE-2025-21735Same product: Linux Linux Kernel
CVE-2025-21650Same product: Linux Linux Kernel
CVE-2024-52319Same product: Linux Linux Kernel
CVE-2024-58003Same product: Linux Linux Kernel
CVE-2026-23343Same product: Linux Linux Kernel

Affected Assets

linux
linux kernel
≤ 4.9.311 · 4.10 — 4.14.276 · 4.15 — 4.19.238

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates CVE-2021-47642 by requiring identification, reporting, and correction of the buffer overflow flaw via kernel patches replacing strcpy() with strscpy().

preventdetect

Implements memory protections such as stack canaries and address space layout randomization to prevent or detect exploitation of the buffer overflow in the nvidiafb driver.

prevent

Restricts system to least functionality by disabling or avoiding use of the legacy nvidiafb module, preventing loading of the vulnerable framebuffer driver.

References