An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1974079 | Issue Tracking Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/ | |
https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82%40gmail.com/ | |
https://security.netapp.com/advisory/ntap-20210805-0005/ | Third Party Advisory |
https://www.oracle.com/security-alerts/cpujul2022.html | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2021-07-09T10:33:16
Updated: 2022-07-25T16:36:01
Reserved: 2021-06-21T00:00:00
Link: CVE-2021-3612
JSON object: View
NVD Information
Status : Modified
Published: 2021-07-09T11:15:09.457
Modified: 2023-11-07T03:38:09.580
Link: CVE-2021-3612
JSON object: View
Redhat Information
No data.