Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-30002

Опубликовано: 02 апр. 2021
Источник: redhat
CVSS3: 6.2
EPSS Низкий

Описание

An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.

A flaw memory leak in the Linux kernel webcam device functionality was found in the way user calls ioctl that triggers video_usercopy function. The highest threat from this vulnerability is to system availability.

Меры по смягчению последствий

To mitigate this issue, prevent the module v4l2-common from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelWill not fix
Red Hat Enterprise Linux 7kernel-altOut of support scope
Red Hat Enterprise Linux 7kernel-rtWill not fix
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2022:744408.11.2022
Red Hat Enterprise Linux 8kernelFixedRHSA-2022:768308.11.2022
Red Hat Enterprise Linux 8.6 Extended Update SupportkernelFixedRHSA-2024:072407.02.2024
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8kernelFixedRHSA-2024:072407.02.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-772
https://bugzilla.redhat.com/show_bug.cgi?id=1946279kernel: memory leak for large arguments in video_usercopy function in drivers/media/v4l2-core/v4l2-ioctl.c

EPSS

Процентиль: 7%
0.00029
Низкий

6.2 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-30002

CVSS3: 6.2
ubuntu
около 4 лет назад

An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.

nvd логотип

CVE-2021-30002

CVSS3: 6.2
nvd
около 4 лет назад

An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.

msrc логотип

CVE-2021-30002

CVSS3: 6.2
msrc
около 4 лет назад

Описание отсутствует

debian логотип

CVE-2021-30002

CVSS3: 6.2
debian
около 4 лет назад

An issue was discovered in the Linux kernel before 5.11.3 when a webca ...

github логотип

GHSA-px8m-vh6v-xc52

CVSS3: 6.2
github
около 3 лет назад

An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.

EPSS

Процентиль: 7%
0.00029
Низкий

6.2 Medium

CVSS3