vulnerability
Red Hat: CVE-2021-21781: CVE-2021-21781 kernel: arm: SIGPAGE information disclosure vulnerability (Multiple Advisories)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | Aug 18, 2021 | May 13, 2022 | Jul 9, 2025 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Aug 18, 2021
Added
May 13, 2022
Modified
Jul 9, 2025
Description
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11
Solution(s)
no-fix-redhat-rpm-packageredhat-upgrade-kernel
References

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.