CVE-2021-39657

Updated: 2023-12-06

CWE: Out-of-bounds Read

Description:

In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Product: Android
Versions: Android kernel
Android ID: A-194696049
References: Upstream kernel

CVSS3: 4.4


Vendor State

OS | Vendor version | Errata
Ubuntu 18.04 | 4.15.0-141.145 | USN-4907-1
Ubuntu 18.04 AWS | 4.15.0-1098.105 | USN-4907-1
Debian 9 | 4.9.258-1 | DLA-2586-1
Ubuntu 18.04 HWE Focal | 5.4.0-67.75~18.04.1 | USN-4878-1
Ubuntu 20.04 | 5.4.0-67.75 | USN-4878-1
Ubuntu 18.04 AWS Focal | 5.4.0-1039.41~18.04.1 | USN-4878-1
Ubuntu 18.04 Azure Focal | 5.4.0-1041.43~18.04.1 | USN-4878-1
Ubuntu 20.04 AWS | 5.4.0-1039.41 | USN-4878-1
Ubuntu 16.04 HWE ESM | 4.15.0-142.146~16.04.1 | USN-4916-1
Ubuntu 16.04 AWS ESM | 4.4.0-1123.137 | USN-4876-1
Ubuntu 16.04 GCP ESM | 4.15.0-1097.110~16.04.1 | USN-4907-1
Ubuntu 16.04 AWS HWE ESM | 4.15.0-1098.105~16.04.1 | USN-4907-1
Ubuntu 16.04 Azure ESM | 4.15.0-1112.124~16.04.1 | USN-4907-1

KernelCare State

OS | Original kernel version | State
Ubuntu 18.04 | | Will Not Fix
Ubuntu 18.04 AWS | | Will Not Fix
Debian 9 | | Will Not Fix
Ubuntu 18.04 HWE Focal | | Will Not Fix
Debian 10 | | Will Not Fix
Proofpoint | | Ready For Release
Ubuntu 20.04 | | Will Not Fix
Ubuntu 18.04 AWS Focal | | Will Not Fix
Ubuntu 18.04 Azure Focal | | Will Not Fix
Ubuntu 20.04 AWS | | Will Not Fix
Ubuntu 16.04 HWE ESM | | Will Not Fix
Ubuntu 16.04 AWS ESM | | Will Not Fix
Ubuntu 16.04 GCP ESM | | Will Not Fix
Ubuntu 16.04 AWS HWE ESM | | Will Not Fix
Ubuntu 16.04 Azure ESM | | Will Not Fix