CVE-2021-3753

Updated: 2024-05-14 20:04:57.09547

Description:

A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x LOW 1.9
CVSS Version 3.x MEDIUM 4.7

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU kernel 5.14.0 4.7 MEDIUM Ignored 2023-11-08 04:07:45
AlmaLinux 9.2 FIPS kernel 5.14.0 4.7 MEDIUM Ignored 2023-11-21 04:12:23
CentOS 6 ELS kernel 2.6.32 4.7 MEDIUM Not Vulnerable 2022-03-30 18:48:21
CentOS 7 ELS kernel 3.10.0 4.7 MEDIUM Ignored 2023-09-19 09:30:03
CentOS 8.4 ELS kernel 4.18.0 4.7 MEDIUM Released CLSA-2022:1651145959 2022-04-28 15:58:55
CentOS 8.5 ELS kernel 4.18.0 4.7 MEDIUM Released CLSA-2022:1651146021 2022-04-28 15:58:55
CloudLinux 6 ELS kernel 2.6.32 4.7 MEDIUM Not Vulnerable 2022-03-30 18:48:21
Oracle Linux 6 ELS kernel 2.6.32 4.7 MEDIUM Not Vulnerable 2022-03-30 18:48:21
Ubuntu 16.04 ELS linux 4.4.0 4.7 MEDIUM Released CLSA-2023:1690395161 2023-07-26 17:15:31
Ubuntu 16.04 ELS linux-hwe 4.15.0 4.7 MEDIUM Already Fixed 2023-07-17 11:09:16
Total: 11