PT-2021-3000 · Linux+5 · Linux Kernel+5

Jan H. Schönherr

+3

·

Published

2021-02-15

·

Updated

2024-03-25

·

CVE-2021-26930

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions 3.11 through 5.10.16
Description The issue is related to errors in mapping grant references provided by the frontend in the Linux kernel's Xen driver. This can lead to the caller assuming successful mapping and attempting to access unmapped space, or internal state not being updated sufficiently to prevent safe recovery from errors. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.
Recommendations For Linux kernel versions 3.11 through 5.10.16, update to a version later than 5.10.16 to resolve the issue. At the moment, there is no information about other versions that contain a fix for this vulnerability.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-17

Related Identifiers

ALT-PU-2021-1364
ALT-PU-2021-1388
ALT-PU-2021-1417
ALT-PU-2021-1424
ALT-PU-2021-1447
ALT-PU-2021-1621
ALT-PU-2021-1656
ALT-PU-2021-1739
ALT-PU-2021-1862
ALT-PU-2021-1866
ALT-PU-2021-1869
ALT-PU-2021-1870
BDU:2021-02594
CVE-2021-26930
DLA-2586-1
DLA-2610-1
DLA-2689-1
DLA-2690-1
MGASA-2021-0099
MGASA-2021-0100
MGASA-2021-0101
MGASA-2021-0102
OESA-2021-1111
OPENSUSE-SU-2021:0393-1
OPENSUSE-SU-2021_0393-1
SUSE-SU-2021:0735-1
SUSE-SU-2021:0736-1
SUSE-SU-2021:0737-1
SUSE-SU-2021:0738-1
SUSE-SU-2021:0740-1
SUSE-SU-2021:0741-1
SUSE-SU-2021:0743-1
SUSE-SU-2021:0744-1
SUSE-SU-2021:1175-1
SUSE-SU-2021:1176-1
SUSE-SU-2021:1210-1
SUSE-SU-2021:1344-1
SUSE-SU-2021:1365-1
SUSE-SU-2021:1373-1
SUSE-SU-2021_1344-1
SUSE-SU-2021_1365-1
SUSE-SU-2021_1373-1
USN-4904-1
USN-4909-1
USN-4946-1
USN-4949-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Suse
Ubuntu