PT-2021-3386 · Linux+2 · Linux Kernel+2

Published

2021-05-05

Updated

2023-05-17

CVE-2021-32078

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.12.11

Description An Out-of-Bounds Read issue was discovered in the arch/arm/mach-footbridge/personal-pci.c component of the Linux kernel. This issue is caused by the lack of a check for a value that shouldn't be negative, such as accessing an array element with a negative index, for example, -2. The exploitation of this issue may allow an attacker to disclose protected information or cause a denial of service.

Recommendations For Linux kernel versions through 5.12.11, update to a version later than 5.12.11 to resolve the issue. At the moment, there is no information about other specific fixes for this issue.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALT-PU-2021-2026

ALT-PU-2021-2031

ALT-PU-2021-2315

ALT-PU-2021-2326

ALT-PU-2021-2330

ALT-PU-2021-3481

ALT-PU-2022-1240

ALT-PU-2022-1419

ALT-PU-2022-1421

ALT-PU-2023-1814

AZL-6559

BDU:2021-03237

CVE-2021-32078

Affected Products

Alt Linux

Debian

Linux Kernel

PT-2021-3386 · Linux+2 · Linux Kernel+2

CVE-2021-32078

Weakness Enumeration

Related Identifiers

Affected Products

References · 18