CVE-2021-3348 log

Severity Medium
Remote No
Type Arbitrary code execution
nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71.
Group Package Affected Fixed Severity Status Ticket
AVG-1515 linux-lts 5.4.94-1 5.4.95-1 Medium Fixed
AVG-1514 linux-zen 5.10.12.zen1-1 5.10.13.zen1-1 Medium Fixed
AVG-1513 linux-hardened 5.10.12.hardened1-1 5.10.13.hardened1-1 Medium Fixed
AVG-1512 linux 5.10.12.arch1-1 5.10.13.arch1-1 Medium Fixed