CVE-2021-28971 — Improper Handling of Exceptional Conditions in Linux
Severity
5.5MEDIUMNVD
OSV7.8OSV6.5
EPSS
0.1%
top 74.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 22
Latest updateMay 24
Description
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages5 packages
Also affects: Debian Linux 9.0, Fedora 32, 33, 34
Patches
🔴Vulnerability Details
5OSV▶
linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi vulnerabilities↗2021-06-08
OSV▶
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.↗2021-06-08
📋Vendor Advisories
5Microsoft▶
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS↗2021-03-09
Debian▶
CVE-2021-28971: linux - In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel th...↗2021