CVE-2021-26934 — Kernel vulnerability

5 documents5 sources

Severity

7.8HIGHNVD

EPSS

0.1%

top 67.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Fedoraproject Fedora Debian Linux +16 more

Timeline

PublishedFeb 17

Latest updateMay 24

Description

An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. The backend allocation (aka be-alloc) mode of the drm_xen_front drivers was not meant to be a supported configuration, but this wasn't stated accordingly in its support status entry.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages18 packages

▶NVDlinux/linux_kernel4.18 — 5.10.16

▶msrcmsrc/kernel-drivers-sound-5.10.57.1-1.cm1.x86_64.rpm_on_cbl_mariner_1.0_x64

▶msrcmsrc/kernel-drivers-sound-5.10.57.1-1.cm1.aarch64.rpm_on_cbl_mariner_1.0_arm

▶msrcmsrc/kernel-drivers-accessibility-5.10.57.1-1.cm1.x86_64.rpm_on_cbl_mariner_1.0_x64

▶msrcmsrc/kernel-drivers-accessibility-5.10.57.1-1.cm1.aarch64.rpm_on_cbl_mariner_1.0_arm

Also affects: Fedora 32, 33

Patches

Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

GHSA

GHSA-55gv-57w2-69r9: An issue was discovered in the Linux kernel 4↗2022-05-24

▶

OSV

CVE-2021-26934: An issue was discovered in the Linux kernel 4↗2021-02-17

▶

📋Vendor Advisories

Microsoft

An issue was discovered in the Linux kernel 4.18 through 5.10.16 as used by Xen. The backend allocation (aka be-alloc) mode of the drm_xen_front drivers was not meant to be a supported configuration b↗2021-02-09

▶

Debian

CVE-2021-26934: linux - An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen...↗2021

▶