CVE-2021-3612

Related Vulnerabilities: CVE-2021-3612  

Description

No description is available for this CVE.

Statement

This flaw is rated as having a Moderate impact because, in Red Hat Enterprise Linux, the patch that made it possible to write memory out of bounds has not been applied yet; an out-of-bounds read is still possible without that patch. In addition, in the default configuration of Red Hat Enterprise Linux the joystick device driver is disabled, so only a privileged local user can enable it.

Mitigation

To mitigate this issue, prevent the module joydev from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.
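
One way to check that this mitigation is in effect, as an added example (not Red Hat's code and not taken from the linked article): the function names are hypothetical, and it assumes the standard modprobe.d `blacklist` and `install` directives. It separates `blacklist` alone, which only stops automatic loading, from an `install` override, which also makes an explicit `modprobe joydev` fail.

```shell
#!/bin/sh
# Added example: audit the joydev mitigation. Function names are hypothetical.
# File and directory paths are arguments so the check can run on fixtures.

# scan_conf AWK_CONDITION DIR...
# True if any uncommented line of any *.conf file in DIR... matches.
scan_conf() {
    cond=$1; shift
    for d in "$@"; do
        for f in "$d"/*.conf; do
            [ -f "$f" ] || continue
            awk "$cond { found = 1 } END { exit !found }" "$f" && return 0
        done
    done
    return 1
}

# "blacklist joydev": stops alias-based automatic loading only.
joydev_blacklisted() {
    scan_conf '$1 == "blacklist" && $2 == "joydev"' "$@"
}

# "install joydev /bin/false" (or /bin/true): modprobe runs that command
# instead of inserting the module, so explicit loads are blocked as well.
joydev_install_blocked() {
    scan_conf '$1 == "install" && $2 == "joydev" &&
               ($3 == "/bin/false" || $3 == "/bin/true")' "$@"
}

# joydev_loaded MODULES_FILE: true if joydev is listed (format of /proc/modules).
joydev_loaded() {
    [ -r "$1" ] && awk '$1 == "joydev" { found = 1 } END { exit !found }' "$1"
}

# joydev_status MODULES_FILE DIR...
# Prints loaded | blocked | blacklist-only | unmitigated
joydev_status() {
    modules=$1; shift
    if joydev_loaded "$modules"; then echo loaded
    elif joydev_install_blocked "$@"; then echo blocked
    elif joydev_blacklisted "$@"; then echo blacklist-only
    else echo unmitigated
    fi
}

# On a live system:
#   joydev_status /proc/modules /etc/modprobe.d /run/modprobe.d /usr/lib/modprobe.d
```

A result of `loaded` means the module is already in the running kernel; the modprobe.d settings only affect later load attempts.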

Additional Information

  • Bugzilla 1974079: CVE-2021-3612 kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()
  • CWE-20->CWE-119: Improper Input Validation leads to Improper Restriction of Operations within the Bounds of a Memory Buffer
  • FAQ: Frequently asked questions about CVE-2021-3612