A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1999589 | Issue Tracking Patch Third Party Advisory |
https://www.openwall.com/lists/oss-security/2021/09/01/4 | Exploit Mailing List Patch Third Party Advisory |
https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7 | Patch Third Party Advisory |
https://security.netapp.com/advisory/ntap-20221028-0003/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Information
Published : 2022-02-16 11:15
Updated : 2022-12-06 17:58
NVD link : CVE-2021-3753
Mitre link : CVE-2021-3753
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
netapp
- hci_compute_node
- h410c_firmware
- h300s
- h500s
- h500s_firmware
- active_iq_unified_manager
- element_software
- solidfire
- h700s
- hci_management_node
- h410c
- h410s_firmware
- h410s
- bootstrap_os
- h700s_firmware
- h300s_firmware
redhat
- enterprise_linux
linux
- linux_kernel