CVE-2021-39711
Summary
| CVE | CVE-2021-39711 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-03-16 15:15:00 UTC |
| Updated | 2022-03-23 18:15:00 UTC |
| Description | In bpf_prog_test_run_skb of test_run.c, there is a possible out of bounds read due to Incorrect Size Value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-154175781References: Upstream kernel |
Risk And Classification
Problem Types: CWE-125
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Pixel Update Bulletin—March 2022 | Android Open Source Project | MISC | source.android.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 180217 Debian Security Update for linux (CVE-2021-39711)
- 610400 Google Pixel Android March 2022 Security Patch Missing
- 610408 Google Android April 2022 Security Patch Missing for Huawei EMUI
- 752234 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2080-1)
- 752237 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2083-1)
- 752240 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2103-1)
- 752250 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2111-1)
- 752254 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2116-1)