CVE-2021-20292 log
| Source |
|
| Severity | Medium |
| Remote | No |
| Type | Privilege escalation |
| Description | A security issue was found in the Linux kernel before version 5.9. The specific flaw exists within DRM memory management. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. This does not seem to affect kernels configured with the CONFIG_SLAB_FREELIST_HARDENED=y option. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1727 | linux-lts | 5.10.25-1 | Medium | Not affected | ||
| AVG-1726 | linux-zen | 5.11.8.zen1-1 | Medium | Not affected | ||
| AVG-1725 | linux-hardened | 5.11.8.hardened1-1 | Medium | Not affected | ||
| AVG-1724 | linux | 5.11.8.arch1-1 | Medium | Not affected |
| References |
|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1939686 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5de5b6ecf97a021f29403aa272cb4e03318ef586 |