PT-2021-3741 · Linux+8 · Linux Kernel+8

Published

2020-08-01

·

Updated

2023-02-03

·

CVE-2021-21781

CVSS v3.1

4.0

Medium

VectorAV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions Linux Kernel versions prior to 4.14.222 Linux Kernel versions prior to 4.19.177 Linux Kernel versions prior to 5.4.99 Linux Kernel versions prior to 5.10.17 Linux Kernel versions prior to 5.11
Description An information disclosure issue exists in the ARM SIGPAGE functionality of the Linux Kernel. This issue allows a userland application to read the contents of the sigpage, potentially leaking kernel memory contents. An attacker can exploit this by reading a process's memory at a specific offset.
Recommendations For Linux Kernel versions prior to 4.14.222, update to version 4.14.222 or later. For Linux Kernel versions prior to 4.19.177, update to version 4.19.177 or later. For Linux Kernel versions prior to 5.4.99, update to version 5.4.99 or later. For Linux Kernel versions prior to 5.10.17, update to version 5.10.17 or later. For Linux Kernel versions prior to 5.11, update to version 5.11 or later.

Exploit

Fix

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-908

Related Identifiers

ALSA-2022:1988
ALT-PU-2020-2487
ALT-PU-2020-2497
ALT-PU-2020-2873
BDU:2021-03994
CESA-2022_1988
CVE-2021-21781
DLA-2713-1
DLA-2713-2
MGASA-2021-0099
MGASA-2021-0100
MGASA-2021-0101
MGASA-2021-0102
OESA-2021-1324
OPENSUSE-SU-2021:1142-1
OPENSUSE-SU-2021:2645-1
OPENSUSE-SU-2021:2687-1
OPENSUSE-SU-2021_1142-1
OPENSUSE-SU-2021_2645-1
OPENSUSE-SU-2021_2687-1
RHSA-2022:1988
RHSA-2022_1988
RLSA-2022:1988
SUSE-SU-2021:2645-1
SUSE-SU-2021:2646-1
SUSE-SU-2021:2678-1
SUSE-SU-2021:2687-1
SUSE-SU-2021:2756-1
SUSE-SU-2021_2646-1
SUSE-SU-2021_2756-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse