Published: 16/03/2022 Updated: 23/03/2022

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

It exists that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android -

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2021-4155 Kirill Tkhai discovered a data leak in the way the XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for a size increase of files with unaligned size A local attacker can tak ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2020-29374 Jann Horn of Google reported a flaw in Linux's virtual memory management A parent and child process initially share all their memory, but when either writes to a shared page, ...

Several security issues were fixed in the Linux kernel ...

oss-sec mailing list archives   By Date By Thread </form>    CVE-2021-39685 : Linux Kernel USB Gadget buffer overflow   From: Szymon H ...

CVE-2021-39685 Description and sample exploit for Linux USB Gadget overflow vulnerability

inspector-gadget Go Go Gadget Exploit! _--"\ `|`""--_ -' \ | `'- / \_|___----'`\ |__,,--""``(_)--__ | '\ _--'`I_ ''--' `''"`,#JGS/_|_\###,---'` ,#' _:`___`:-_ '#, #' ,~'-;(oIo);-'~, '#

CWE-787 https://source.android.com/security/bulletin/2022-03-01 https://nvd.nist.gov https://github.com/szymonh/inspector-gadget https://www.debian.org/security/2022/dsa-5050 https://ubuntu.com/security/notices/USN-5278-1 https://ubuntu.com/security/notices/USN-5513-1

CVE-2021-39685

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Mailing Lists

Github Repositories

References

Vulmon Search

About

Products

Connect