CVE-2021-3483 - log back

CVE-2021-3483 edited at 07 Apr 2021 17:15:32
Description
- A security issue has been found in the Linux kernel in Linux/drivers/firewire/nosy.c. Nosy is an IEEE 1394 packet sniffer which is used for protocol analysis and in the development of IEEE 1394 drivers, applications, or firmware. Incorrect handling of elements in a doubly linked list when opening nosy devices can lead to use after free.
+ A security issue has been found in the Linux kernel before version 5.11.12 in Linux/drivers/firewire/nosy.c. Nosy is an IEEE 1394 packet sniffer which is used for protocol analysis and in the development of IEEE 1394 drivers, applications, or firmware. Incorrect handling of elements in a doubly linked list when opening nosy devices can lead to use after free.
References
https://www.openwall.com/lists/oss-security/2021/04/07/1
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=829933ef05a951c8ff140e814656d73e74915faf
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.12&id=8936e89ffea69bc1e3bc9f4837b793d3231313c0
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.28&id=c04adcc819d3bdd85a5dc2523687707b89724df7
CVE-2021-3483 edited at 07 Apr 2021 12:18:50
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ A security issue has been found in the Linux kernel in Linux/drivers/firewire/nosy.c. Nosy is an IEEE 1394 packet sniffer which is used for protocol analysis and in the development of IEEE 1394 drivers, applications, or firmware. Incorrect handling of elements in a doubly linked list when opening nosy devices can lead to use after free.
References
+ https://www.openwall.com/lists/oss-security/2021/04/07/1
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=829933ef05a951c8ff140e814656d73e74915faf
CVE-2021-3483 created at 07 Apr 2021 12:14:06
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes