CVE-2021-20292 - log back

CVE-2021-20292 edited at 23 Mar 2021 11:20:04
Description
- A security issue was found in the Linux kernel. The specific flaw exists within DRM memory management. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. This does not seem to affect kernels configured with the CONFIG_SLAB_FREELIST_HARDENED=y option.
+ A security issue was found in the Linux kernel before version 5.9. The specific flaw exists within DRM memory management. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. This does not seem to affect kernels configured with the CONFIG_SLAB_FREELIST_HARDENED=y option.
References
https://bugzilla.redhat.com/show_bug.cgi?id=1939686
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5de5b6ecf97a021f29403aa272cb4e03318ef586
CVE-2021-20292 edited at 23 Mar 2021 11:14:18
Description
- A security issue was found in the Linux kernel. The specific flaw exists within DRM memory management. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.
+ A security issue was found in the Linux kernel. The specific flaw exists within DRM memory management. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. This does not seem to affect kernels configured with the CONFIG_SLAB_FREELIST_HARDENED=y option.
CVE-2021-20292 edited at 20 Mar 2021 11:36:51
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Privilege escalation
Description
+ A security issue was found in the Linux kernel. The specific flaw exists within DRM memory management. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.
References
+ https://bugzilla.redhat.com/show_bug.cgi?id=1939686
CVE-2021-20292 created at 20 Mar 2021 11:36:04
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes