Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-0938

Опубликовано: 30 дек. 2020
Источник: redhat
CVSS3: 5.5

Описание

In memzero_explicit of compiler-clang.h, there is a possible bypass of defense in depth due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-171418586References: Upstream kernel

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-altNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-908
https://bugzilla.redhat.com/show_bug.cgi?id=2018212kernel: possible bypass of defense in depth due to uninitialized data in memzero_explicit() of compiler-clang.h

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-0938

CVSS3: 5.5
ubuntu
больше 4 лет назад

In memzero_explicit of compiler-clang.h, there is a possible bypass of defense in depth due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-171418586References: Upstream kernel

nvd логотип

CVE-2021-0938

CVSS3: 5.5
nvd
больше 4 лет назад

In memzero_explicit of compiler-clang.h, there is a possible bypass of defense in depth due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-171418586References: Upstream kernel

debian логотип

CVE-2021-0938

CVSS3: 5.5
debian
больше 4 лет назад

In memzero_explicit of compiler-clang.h, there is a possible bypass of ...

github логотип

GHSA-rp85-q33q-7f7m

github
больше 3 лет назад

In memzero_explicit of compiler-clang.h, there is a possible bypass of defense in depth due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-171418586References: Upstream kernel

fstec логотип

BDU:2025-00832

CVSS3: 5.5
fstec
около 5 лет назад

Уязвимость компонента compiler-clang.h ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

5.5 Medium

CVSS3