CVE-2021-3612

Updated: 2024-11-23 04:46:44.180924

Description:

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.


Links: NIST, CIRCL, RHEL, Ubuntu

Severity

| | Severity | Score |
|---|---|---|
| CVSS Version 2.x | HIGH | 7.2 |
| CVSS Version 3.x | HIGH | 7.8 |

Status

| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 7.8 | HIGH | Already Fixed | | 2024-05-31 10:03:30 | |
| AlmaLinux 9.2 FIPS | kernel | 5.14.0 | 7.8 | HIGH | Already Fixed | | 2024-05-31 10:03:30 | |
| CentOS 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Released | CLSA-2021:1632262296 | 2022-05-05 12:01:42 | |
| CentOS 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Released | CLSA-2024:1720468480 | 2024-07-23 17:33:45 | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.8 | HIGH | Released | CLSA-2022:1655822512 | 2022-06-21 11:49:08 | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.8 | HIGH | Released | CLSA-2022:1655821334 | 2022-06-21 11:48:37 | |
| CentOS Stream 8 ELS | kernel | 4.18.0 | 7.8 | HIGH | Already Fixed | | 2024-06-09 14:20:00 | |
| CloudLinux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Released | CLSA-2023:1687202317 | 2024-04-09 11:35:09 | |
| CloudLinux 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Ignored | | 2025-01-10 22:43:42 | |
| Oracle Linux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Released | CLSA-2022:1669850228 | 2022-11-30 19:57:51 | |
Total: 13