CVE-2021-3753 - log back

CVE-2021-3753 edited at 09 Sep 2021 11:18:41
Description
- An out-of-bounds read due to a race condition has been found in the Linux kernel.The root cause of this vulnerability is that the write access to vc_mode is not protected by a lock in vt_ioctl (KDSETMDE).
+ An out-of-bounds read due to a race condition has been found in the Linux kernel before version 5.14.2. The root cause of this vulnerability is that the write access to vc_mode is not protected by a lock in vt_ioctl (KDSETMDE).
CVE-2021-3753 edited at 09 Sep 2021 11:15:57
References
https://www.openwall.com/lists/oss-security/2021/09/01/4
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2287a51ba822384834dafc1c798453375d1107c7
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.14.2&id=acf3c7b4fae092e7f5c170bc8a0fe2ead9b2a320
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.13.14&id=a5dfcf3d8ecc549f8dc324ab6caf9dd14de87986
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.62&id=60d69cb4e60de0067e5d8aecacd86dfe92a5384a
CVE-2021-3753 edited at 01 Sep 2021 09:50:25
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Information disclosure
Description
+ An out-of-bounds read due to a race condition has been found in the Linux kernel.The root cause of this vulnerability is that the write access to vc_mode is not protected by a lock in vt_ioctl (KDSETMDE).
References
+ https://www.openwall.com/lists/oss-security/2021/09/01/4
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2287a51ba822384834dafc1c798453375d1107c7
CVE-2021-3753 created at 01 Sep 2021 09:48:44
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes