CVE-2021-46934

2024-02-2700:00:00

ubuntu.com

linux kernel

vulnerability

i2c

data validation

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON

In the Linux kernel, the following vulnerability has been resolved: i2c:
validate user data in compat ioctl Wrong user data may cause warning in
i2c_transfer(), ex: zero msgs. Userspace should not be able to trigger
warnings, so this patch adds validation checks for user data in compact
ioctl to prevent reported warnings

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< anyUNKNOWN
ubuntu20.04noarchlinux< 5.4.0-105.119UNKNOWN
ubuntu18.04noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1069.73UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< anyUNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1124.133~16.04.1UNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1073.76UNKNOWN
ubuntu14.04noarchlinux-azure< 4.15.0-1134.147~14.04.1UNKNOWN
ubuntu16.04noarchlinux-azure< 4.15.0-1134.147~16.04.1UNKNOWN
ubuntu18.04noarchlinux-azure-4.15< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< any	UNKNOWN
ubuntu	20.04	noarch	linux	< 5.4.0-105.119	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< 5.4.0-1069.73	UNKNOWN
ubuntu	18.04	noarch	linux-aws-5.4	< any	UNKNOWN
ubuntu	16.04	noarch	linux-aws-hwe	< 4.15.0-1124.133~16.04.1	UNKNOWN
ubuntu	20.04	noarch	linux-azure	< 5.4.0-1073.76	UNKNOWN
ubuntu	14.04	noarch	linux-azure	< 4.15.0-1134.147~14.04.1	UNKNOWN
ubuntu	16.04	noarch	linux-azure	< 4.15.0-1134.147~16.04.1	UNKNOWN
ubuntu	18.04	noarch	linux-azure-4.15	< any	UNKNOWN