CVE-2021-20261

CVSS v3.1 6.4 (Medium)

CVSS v2.0 4.4 (Medium)

EPSS 0.04 % (13^th)

Affected Products 2

Advisories 3

A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact that the default permissions on the floppy device (/dev/fd0) are restricted to root. If the permissions on the device have changed the impact changes greatly. In the default configuration root (or equivalent) permissions are required to attack this flaw.

Weaknesses

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2021-03-11 21:15:11
(3 years ago)
Updated Date: 2021-03-19 13:08:48
(3 years ago)

Affected Products

Linux

Linux Kernel

Redhat

Enterprise Linux

Configuration #1

	CPE23	Up To
Linux Kernel prior 4.5 version	cpe:2.3:o:linux:linux_kernel	< 4.5
Linux Kernel 4.5	cpe:2.3:o:linux:linux_kernel:4.5:-
Linux Kernel 4.5 Rc1	cpe:2.3:o:linux:linux_kernel:4.5:rc1
Linux Kernel 4.5 Rc2	cpe:2.3:o:linux:linux_kernel:4.5:rc2
Linux Kernel 4.5 Rc3	cpe:2.3:o:linux:linux_kernel:4.5:rc3
Linux Kernel 4.5 Rc4	cpe:2.3:o:linux:linux_kernel:4.5:rc4

Configuration #2

		CPE23	From	Up To
	Redhat Enterprise Linux 7.0	cpe:2.3:o:redhat:enterprise_linux:7.0