CVE-2021-38205

Опубликовано: 21 мая 2021

Источник: redhat

CVSS3: 3.3

Описание

drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).

A flaw was found in the Linux kernel that allows attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). The highest threat from this vulnerability is to confidentiality.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-alt	Out of support scope
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise Linux 9	kernel	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-200

https://bugzilla.redhat.com/show_bug.cgi?id=1992774kernel: drivers/net/ethernet/xilinx/xilinx_emaclite.c prints the real IOMEM pointer

3.3 Low

CVSS3

Связанные уязвимости

CVE-2021-38205

CVSS3: 3.3

ubuntu

больше 4 лет назад

CVE-2021-38205

CVSS3: 3.3

nvd

больше 4 лет назад

CVE-2021-38205

CVSS3: 3.3

msrc

больше 4 лет назад

CVE-2021-38205

CVSS3: 3.3

debian

больше 4 лет назад

drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel befo ...

GHSA-mv45-h347-p3mv

github

больше 3 лет назад

3.3 Low

CVSS3