CVE-2021-20292
CVSS v3.1
6.7 (Medium)
CVSS v2.0
7.2 (High)
EPSS
0.04 % (13th)
Affected Products
4
Advisories
14
There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with a local account with a root privilege, can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.
Weaknesses
- CWE-416
- Use After Free
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2021-05-28 11:15:08
(3 years ago) - Updated Date
-
2023-07-28 19:35:59
(13 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...