CVE-2021-3491 log

Severity Medium
Remote No
Type Arbitrary code execution
A security issue was found in the Linux kernel before version 5.12.4. It was discovered that the io_uring PROVIDE_BUFFERS operation allowed the MAX_RW_COUNT limit to be bypassed, which led to negative values being used in mem_rw when reading /proc/<PID>/mem, resulting in a heap overflow.
Group Package Affected Fixed Severity Status Ticket
AVG-1961 linux-lts 5.10.36-2 5.10.37-1 Medium Fixed
AVG-1960 linux-hardened 5.11.20.hardened1-2 5.11.21.hardened1-1 Medium Fixed
AVG-1959 linux-zen 5.12.3.zen2-1 5.12.4.zen1-1 Medium Fixed
AVG-1958 linux 5.12.3.arch2-1 5.12.4.arch1-1 Medium Fixed