CVE-2021-3612 log

Source
Severity Medium
Remote No
Type Privilege escalation
Description
An out-of-bounds memory write security issue was found in the Linux kernel’s joystick devices subsystem before version 5.13.2, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system.
Group Package Affected Fixed Severity Status Ticket
AVG-2184 linux-lts 5.10.51-1 5.10.52-1 High Fixed
AVG-2183 linux-hardened 5.12.18.hardened1-1 5.12.19.hardened1-1 High Fixed
AVG-2182 linux-zen 5.13.1.zen1-1 5.13.4.zen1-1 High Fixed
AVG-2181 linux 5.13.1.arch1-1 5.13.4.arch1-1 High Fixed
Date Advisory Group Package Severity Type
21 Jul 2021 ASA-202107-51 AVG-2184 linux-lts High privilege escalation
21 Jul 2021 ASA-202107-50 AVG-2183 linux-hardened High privilege escalation
21 Jul 2021 ASA-202107-49 AVG-2182 linux-zen High privilege escalation
21 Jul 2021 ASA-202107-48 AVG-2181 linux High privilege escalation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1974079
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.13.2&id=81acf1015233b3ee1d9834ba4fcca087a75c0c1b
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.17&id=b88243d8f1c7eb2a834fd7cd1ea9691554240d3a
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.50&id=b4c35e9e8061b2386da1aa0d708e991204e76c45