A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1999589 | Issue Tracking Patch Third Party Advisory |
https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7 | Patch Third Party Advisory |
https://security.netapp.com/advisory/ntap-20221028-0003/ | Third Party Advisory |
https://www.openwall.com/lists/oss-security/2021/09/01/4 | Exploit Mailing List Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
History
28 Feb 2022, 15:58
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-362 CWE-125 |
|
References | (MISC) https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7 - Patch, Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1999589 - Issue Tracking, Patch, Third Party Advisory | |
References | (MISC) https://www.openwall.com/lists/oss-security/2021/09/01/4 - Exploit, Mailing List, Patch, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 1.9
v3 : 4.7 |
CPE | cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* |
16 Feb 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-02-16 19:15
Updated : 2024-02-04 22:29
NVD link : CVE-2021-3753
Mitre link : CVE-2021-3753
CVE.ORG link : CVE-2021-3753
JSON object : View
Products Affected
redhat
- enterprise_linux
netapp
- h700s_firmware
- active_iq_unified_manager
- h500s_firmware
- h410s
- solidfire
- bootstrap_os
- h410c_firmware
- h300s
- h300s_firmware
- h700s
- h500s
- hci_compute_node
- element_software
- hci_management_node
- h410c
- h410s_firmware
linux
- linux_kernel