PT-2021-4243 · Linux+5 · Linux Kernel+5

Lai Jiangshan

+1

·

Published

2021-06-08

·

Updated

2023-05-17

·

CVE-2021-38198

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.12.11
Description The issue is related to the incorrect computation of access permissions for a shadow page in the Linux kernel, leading to a missing guest protection page fault. This could potentially allow an attacker to cause a denial of service. The estimated number of potentially affected devices and details about real-world incidents are not provided.
Recommendations For versions prior to 5.12.11, update to version 5.12.11 or later to resolve the issue. As a temporary workaround, consider restricting access to critical resources to minimize the risk of exploitation.

Exploit

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

ALT-PU-2021-2025
ALT-PU-2021-2026
ALT-PU-2021-2315
ALT-PU-2021-2326
ALT-PU-2021-2330
ALT-PU-2021-3481
ALT-PU-2022-1240
ALT-PU-2022-1419
ALT-PU-2022-1421
ALT-PU-2023-1814
AZL-6582
BDU:2021-04850
CVE-2021-38198
DLA-2785-1
DLA-2843-1
OESA-2021-1331
OPENSUSE-SU-2021:1271-1
OPENSUSE-SU-2021:3179-1
OPENSUSE-SU-2021:3205-1
OPENSUSE-SU-2021:3876-1
OPENSUSE-SU-2021_1271-1
OPENSUSE-SU-2021_3179-1
OPENSUSE-SU-2021_3205-1
OPENSUSE-SU-2021_3876-1
SUSE-SU-2021:14849-1
SUSE-SU-2021:3073-1
SUSE-SU-2021:3177-1
SUSE-SU-2021:3178-1
SUSE-SU-2021:3179-1
SUSE-SU-2021:3192-1
SUSE-SU-2021:3196-1
SUSE-SU-2021:3205-1
SUSE-SU-2021:3205-2
SUSE-SU-2021:3206-1
SUSE-SU-2021:3207-1
SUSE-SU-2021:3217-1
SUSE-SU-2021:3415-1
SUSE-SU-2021:3876-1
SUSE-SU-2021:3929-1
SUSE-SU-2021:3935-1
SUSE-SU-2021:3969-1
SUSE-SU-2021:3972-1
SUSE-SU-2021_14849-1
USN-5070-1
USN-5114-1
USN-5116-1
USN-5116-2
USN-5343-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Suse
Ubuntu