CVE-2021-39648

Updated: 2023-12-06

CWE: Exposure of Resource to Wrong Sphere

Description:

In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Product: Android
Versions: Android kernel
Android ID: A-160822094
References: Upstream kernel

CVSS3: 4.1


Vendor State

| OS | Vendor version | Errata |
|---|---|---|
| Ubuntu 18.04 | 4.15.0-137.141 | USN-4877-1 |
| Ubuntu 18.04 AWS | 4.15.0-1095.102 | USN-4877-1 |
| Debian 9 | 4.9.258-1 | DLA-2586-1 |
| Amazon Linux 1 | 4.14.219-119.340.amzn1 | ALAS-2021-1480 |
| Amazon Linux 2 | 4.14.219-161.340.amzn2 | ALAS-2021-1600 |
| Ubuntu 14.04 HWE ESM | 4.4.0-222.255~14.04.1 | USN-5343-1 |
| Ubuntu 18.04 HWE Focal | 5.4.0-67.75~18.04.1 | USN-4878-1 |
| Ubuntu 20.04 | 5.4.0-67.75 | USN-4878-1 |
| Ubuntu 18.04 AWS Focal | 5.4.0-1039.41~18.04.1 | USN-4878-1 |
| Ubuntu 18.04 Azure Focal | 5.4.0-1041.43~18.04.1 | USN-4878-1 |
| Ubuntu 20.04 AWS | 5.4.0-1039.41 | USN-4878-1 |
| Ubuntu 16.04 ESM | 4.4.0-222.255 | USN-5343-1 |
| Ubuntu 16.04 HWE ESM | 4.15.0-137.141~16.04.1 | USN-4877-1 |
| Ubuntu 16.04 AWS ESM | 4.4.0-1138.152 | USN-5343-1 |
| Ubuntu 16.04 GCP ESM | 4.15.0-1094.107~16.04.1 | USN-4877-1 |
| Ubuntu 16.04 AWS HWE ESM | 4.15.0-1095.102~16.04.1 | USN-4877-1 |
| Ubuntu 16.04 Azure ESM | 4.15.0-1109.121~16.04.1 | USN-4877-1 |
| Amazon Linux 2 5.4 | 5.4.91-41.139.amzn2 | ALASKERNEL-5.4-2022-019 |

KernelCare State

| OS | Original kernel version | State |
|---|---|---|
| Ubuntu 18.04 | | Will Not Fix |
| Ubuntu 18.04 AWS | | Will Not Fix |
| Debian 9 | | Will Not Fix |
| Amazon Linux 1 | 4.14.101-75.76.amzn1 4.14.104-78.84.amzn1 4.14.106-79.86.amzn1 4.14.109-80.92.amzn1 4.14.114-82.97.amzn1 4.14.114-83.126.amzn1 4.14.121-85.96.amzn1 4.14.123-86.109.amzn1 4.14.128-87.105.amzn1 4.14.133-88.105.amzn1 4.14.138-89.102.amzn1 4.14.143-91.122.amzn1 4.14.152-98.182.amzn1 4.14.154-99.181.amzn1 4.14.165-102.185.amzn1 4.14.165-103.209.amzn1 4.14.171-105.231.amzn1 4.14.173-106.229.amzn1 4.14.177-107.254.amzn1 4.14.181-108.257.amzn1 4.14.186-110.268.amzn1 4.14.193-113.317.amzn1 4.14.200-116.320.amzn1 4.14.203-116.332.amzn1 4.14.209-117.337.amzn1 4.14.214-118.339.amzn1 4.14.62-65.117.amzn1 4.14.70-67.55.amzn1 4.14.72-68.55.amzn1 4.14.77-69.57.amzn1 4.14.77-70.82.amzn1 4.14.94-73.73.amzn1 4.14.97-74.72.amzn1 4.14.133-88.112.amzn1 4.14.146-93.123.amzn1 | Will Not Fix |
| Amazon Linux 2 | | Will Not Fix |
| Ubuntu 14.04 HWE ESM | | Ready For Release |
| Ubuntu 18.04 HWE Focal | | Will Not Fix |
| Debian 10 | | Will Not Fix |
| Proofpoint | | Ready For Release |
| Ubuntu 20.04 | | Will Not Fix |
| Ubuntu 18.04 AWS Focal | | Will Not Fix |
| Ubuntu 18.04 Azure Focal | | Will Not Fix |
| Ubuntu 20.04 AWS | | Will Not Fix |
| Ubuntu 16.04 ESM | | Ready For Release |
| Ubuntu 16.04 HWE ESM | | Will Not Fix |
| Ubuntu 16.04 AWS ESM | | Ready For Release |
| Ubuntu 16.04 GCP ESM | | Will Not Fix |
| Ubuntu 16.04 AWS HWE ESM | | Will Not Fix |
| Ubuntu 16.04 Azure ESM | | Will Not Fix |
| Amazon Linux 2 5.4 | | Will Not Fix |