A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1999589 | Issue Tracking Patch Third Party Advisory |
https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7 | Patch Third Party Advisory |
https://security.netapp.com/advisory/ntap-20221028-0003/ | Third Party Advisory |
https://www.openwall.com/lists/oss-security/2021/09/01/4 | Exploit Mailing List Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
History
07 Dec 2022, 01:58
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20221028-0003/ - Third Party Advisory | |
CPE | cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:* |
|
First Time |
Netapp h700s
Netapp h500s Netapp bootstrap Os Netapp h410c Netapp h410s Netapp hci Compute Node Netapp h300s Netapp h410s Firmware Netapp active Iq Unified Manager Netapp h700s Firmware Netapp h410c Firmware Netapp Netapp solidfire Netapp h300s Firmware Netapp hci Management Node Netapp h500s Firmware Netapp element Software |
28 Oct 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
CWE | ||
References |
|
28 Feb 2022, 15:58
Type | Values Removed | Values Added |
---|---|---|
First Time |
Linux linux Kernel
Redhat enterprise Linux Linux Redhat |
|
CPE | cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 1.9
v3 : 4.7 |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1999589 - Issue Tracking, Patch, Third Party Advisory | |
References | (MISC) https://www.openwall.com/lists/oss-security/2021/09/01/4 - Exploit, Mailing List, Patch, Third Party Advisory | |
References | (MISC) https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7 - Patch, Third Party Advisory | |
CWE | CWE-362 CWE-125 |
16 Feb 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-02-16 19:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-3753
Mitre link : CVE-2021-3753
CVE.ORG link : CVE-2021-3753
JSON object : View
Products Affected
netapp
- h700s_firmware
- h300s_firmware
- h500s
- bootstrap_os
- h300s
- h410s
- h410c
- h410s_firmware
- element_software
- hci_management_node
- active_iq_unified_manager
- solidfire
- hci_compute_node
- h500s_firmware
- h410c_firmware
- h700s
redhat
- enterprise_linux
linux
- linux_kernel