Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-21781

Опубликовано: 18 авг. 2021
Источник: nvd
CVSS3: 4
CVSS3: 3.3
CVSS2: 2.1
EPSS Низкий

Описание

An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:5.4.54:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.4.66:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 1%
0.00012
Низкий

4 Medium

CVSS3

3.3 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-908
CWE-908

Связанные уязвимости

ubuntu логотип

CVE-2021-21781

CVSS3: 3.3
ubuntu
почти 4 года назад

An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11

redhat логотип

CVE-2021-21781

CVSS3: 4
redhat
почти 4 года назад

An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11

debian логотип

CVE-2021-21781

CVSS3: 3.3
debian
почти 4 года назад

An information disclosure vulnerability exists in the ARM SIGPAGE func ...

github логотип

GHSA-v4c8-84p4-cxv7

CVSS3: 3.3
github
около 3 лет назад

An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11

fstec логотип

BDU:2021-03994

CVSS3: 3.3
fstec
больше 4 лет назад

Уязвимость функционала ARM SIGPAGE ядра Linux, позволяющая нарушителю получить доступ к защищаемой информации

EPSS

Процентиль: 1%
0.00012
Низкий

4 Medium

CVSS3

3.3 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-908
CWE-908