vulnerability
Alma Linux: CVE-2021-21781: Important: kernel security, bug fix, and enhancement update (ALSA-2022-1988)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | Aug 18, 2021 | May 13, 2022 | May 20, 2022 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Aug 18, 2021
Added
May 13, 2022
Modified
May 20, 2022
Description
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11
Solution(s)
alma-upgrade-bpftoolalma-upgrade-kernelalma-upgrade-kernel-abi-stablelistsalma-upgrade-kernel-corealma-upgrade-kernel-cross-headersalma-upgrade-kernel-debugalma-upgrade-kernel-debug-corealma-upgrade-kernel-debug-develalma-upgrade-kernel-debug-modulesalma-upgrade-kernel-debug-modules-extraalma-upgrade-kernel-develalma-upgrade-kernel-docalma-upgrade-kernel-headersalma-upgrade-kernel-modulesalma-upgrade-kernel-modules-extraalma-upgrade-kernel-toolsalma-upgrade-kernel-tools-libsalma-upgrade-kernel-tools-libs-develalma-upgrade-perfalma-upgrade-python3-perf
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.