CVE-2021-33656

2022-07-1800:00:00

ubuntu.com

cve-2021-33656

ioctl command

memory bounds

unix

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

32.6%

JSON

When setting font with malicous data by ioctl cmd PIO_FONT,kernel will
write memory out of bounds.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-192.203UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-125.141UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-234.268UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1140.151UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1084.91UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1113.119UNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1150.165UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1084.91~18.04.1UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1140.151~16.04.1UNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1090.95UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< 4.15.0-192.203	UNKNOWN
ubuntu	20.04	noarch	linux	< 5.4.0-125.141	UNKNOWN
ubuntu	16.04	noarch	linux	< 4.4.0-234.268	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< 4.15.0-1140.151	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< 5.4.0-1084.91	UNKNOWN
ubuntu	14.04	noarch	linux-aws	< 4.4.0-1113.119	UNKNOWN
ubuntu	16.04	noarch	linux-aws	< 4.4.0-1150.165	UNKNOWN
ubuntu	18.04	noarch	linux-aws-5.4	< 5.4.0-1084.91~18.04.1	UNKNOWN
ubuntu	16.04	noarch	linux-aws-hwe	< 4.15.0-1140.151~16.04.1	UNKNOWN
ubuntu	20.04	noarch	linux-azure	< 5.4.0-1090.95	UNKNOWN