CVE-2021-3491

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.13-rc1 Linux kernel versions 5.7-rc1 through 5.12.3 Linux kernel versions 5.11 through 5.11.20 Linux kernel versions 5.10 through 5.10.36

Description The issue is related to a buffer overflow in the io uring subsystem of the Linux kernel, allowing an attacker to execute arbitrary code. This is due to the MAX RW COUNT limit being bypassed in the PROVIDE BUFFERS operation, leading to negative values being used in mem rw when reading /proc//mem, which could result in a heap overflow.

Recommendations For Linux kernel versions prior to 5.7-rc1, there is no information about a fix. For Linux kernel versions 5.7-rc1 through 5.12.3, update to version 5.12.4 or later. For Linux kernel versions 5.11 through 5.11.20, update to version 5.11.21 or later. For Linux kernel versions 5.10 through 5.10.36, update to version 5.10.37 or later. As a temporary workaround, consider restricting access to the io uring subsystem until a patch is available.