1. Home
  2. Vulnerabilities
  3. CVE-2021-3612

CVE-2021-3612

CVSS v3.1 7.8 (High)
78% Progress
CVSS v2.0 7.2 (High)
72% Progress
EPSS 0.04 % (10th)
0.04% Progress
Affected Products 26
Advisories 36
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Weaknesses
CWE-20
Improper Input Validation
CWE-787
Out-of-bounds Write
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2021-07-09 11:15:09
(3 years ago)
Updated Date
2023-11-07 03:38:09
(10 months ago)

Affected Products

Debian

Fedoraproject

Linux

Netapp

Oracle

Redhat

Configuration #1

    CPE23 From Up To
  Linux Kernel prior 5.9.0 version cpe:2.3:o:linux:linux_kernel < 5.9.0

Configuration #2

    CPE23 From Up To
  Redhat Enterprise Linux 7.0 cpe:2.3:o:redhat:enterprise_linux:7.0
  Redhat Enterprise Linux 8.0 cpe:2.3:o:redhat:enterprise_linux:8.0

Configuration #3

    CPE23 From Up To
  Fedoraproject Fedora 34 cpe:2.3:o:fedoraproject:fedora:34

Configuration #4

    CPE23 From Up To
  Debian Linux 9.0 cpe:2.3:o:debian:debian_linux:9.0

Configuration #5

    CPE23 From Up To
  Oracle Communications Cloud Native Core Binding Support Function 22.1.3 cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3
  Oracle Communications Cloud Native Core Network Exposure Function 22.1.1 cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1
  Oracle Communications Cloud Native Core Policy 22.2.0 cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0

Configuration #6

    CPE23 From Up To
  Netapp Cloud Backup cpe:2.3:a:netapp:cloud_backup:-

Configuration #7

AND
    CPE23 From Up To
OR  
  Netapp Solidfire Baseboard Management Controller cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-
OR  
  Running on/with
  Netapp Solidfire Baseboard Management Controller Firmware cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-

Configuration #8

AND
    CPE23 From Up To
OR  
  Netapp H300s cpe:2.3:h:netapp:h300s:-
OR  
  Running on/with
  Netapp H300s Firmware cpe:2.3:o:netapp:h300s_firmware:-

Configuration #9

AND
    CPE23 From Up To
OR  
  Netapp H500s cpe:2.3:h:netapp:h500s:-
OR  
  Running on/with
  Netapp H500s Firmware cpe:2.3:o:netapp:h500s_firmware:-

Configuration #10

AND
    CPE23 From Up To
OR  
  Netapp H700s cpe:2.3:h:netapp:h700s:-
OR  
  Running on/with
  Netapp H700s Firmware cpe:2.3:o:netapp:h700s_firmware:-

Configuration #11

AND
    CPE23 From Up To
OR  
  Netapp H300e cpe:2.3:h:netapp:h300e:-
OR  
  Running on/with
  Netapp H300e Firmware cpe:2.3:o:netapp:h300e_firmware:-

Configuration #12

AND
    CPE23 From Up To
OR  
  Netapp H500e cpe:2.3:h:netapp:h500e:-
OR  
  Running on/with
  Netapp H500e Firmware cpe:2.3:o:netapp:h500e_firmware:-

Configuration #13

AND
    CPE23 From Up To
OR  
  Netapp H700e cpe:2.3:h:netapp:h700e:-
OR  
  Running on/with
  Netapp H700e Firmware cpe:2.3:o:netapp:h700e_firmware:-

Configuration #14

AND
    CPE23 From Up To
OR  
  Netapp H410s Firmware cpe:2.3:o:netapp:h410s_firmware:-
OR  
  Running on/with
  Netapp H410s cpe:2.3:h:netapp:h410s:-

Configuration #15

AND
    CPE23 From Up To
OR  
  Netapp H410c Firmware cpe:2.3:o:netapp:h410c_firmware:-
OR  
  Running on/with
  Netapp H410c cpe:2.3:h:netapp:h410c:-