Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-0929

Опубликовано: 28 июл. 2021
Источник: redhat
CVSS3: 7.8
EPSS Низкий

Описание

In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-187527909References: Upstream kernel

A use-after-free flaw was found in the Linux kernel Android driver ion/ion.c. The driver is not included in the other kernels, apart from Android devices. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-altNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=2034702kernel: use-after-free in ion_dma_buf_end_cpu_access and related functions in ion.c

EPSS

Процентиль: 14%
0.00047
Низкий

7.8 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-0929

CVSS3: 7.8
ubuntu
около 4 лет назад

In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-187527909References: Upstream kernel

nvd логотип

CVE-2021-0929

CVSS3: 7.8
nvd
около 4 лет назад

In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-187527909References: Upstream kernel

debian логотип

CVE-2021-0929

CVSS3: 7.8
debian
около 4 лет назад

In ion_dma_buf_end_cpu_access and related functions of ion.c, there is ...

github логотип

GHSA-g4fj-qffq-f9vx

github
около 4 лет назад

In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-187527909References: Upstream kernel

fstec логотип

BDU:2023-00701

CVSS3: 7.8
fstec
около 6 лет назад

Уязвимость модуля ion.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 14%
0.00047
Низкий

7.8 High

CVSS3