Lucene search

K
nvd[email protected]NVD:CVE-2021-33655
HistoryJul 18, 2022 - 3:15 p.m.

CVE-2021-33655

2022-07-1815:15:07
CWE-787
web.nvd.nist.gov
3
kernel security
out of bounds
malicious data
cve-2021-33655
ioctl command
memory vulnerability

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%

When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.

Affected configurations

NVD
Node
linuxlinux_kernelRange<5.19
OR
linuxlinux_kernelMatch5.19rc1
OR
linuxlinux_kernelMatch5.19rc2
OR
linuxlinux_kernelMatch5.19rc3
OR
linuxlinux_kernelMatch5.19rc4
OR
linuxlinux_kernelMatch5.19rc5
Node
debiandebian_linuxMatch10.0
OR
debiandebian_linuxMatch11.0

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%