vulnerability

Red Hat: CVE-2021-3612: CVE-2021-3612 kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP() (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	2021-07-09	2022-05-13	2024-03-13

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

2021-07-09

Added

2022-05-13

Modified

2024-03-13

Description

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Solution(s)

redhat-upgrade-kernelredhat-upgrade-kernel-rt

References

NVD-CVE-2021-3612
REDHAT-RHSA-2022:1975
REDHAT-RHSA-2022:1988

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today