Lucene search

[email protected]NVD:CVE-2021-3743

HistoryMar 04, 2022 - 4:15 p.m.

CVE-2021-3743

2022-03-0416:15:08

CWE-125

[email protected]

web.nvd.nist.gov

qualcomm

ipc router

memory read

linux kernel

system crash

vulnerability

system availability

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

EPSS

Percentile

9.8%

JSON

An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.

Affected configurations

Nvd

Node

linuxlinux_kernelRange5.14.1–5.17

linuxlinux_kernelMatch5.14rc6

linuxlinux_kernelMatch5.17-

linuxlinux_kernelMatch5.17rc1

linuxlinux_kernelMatch5.17rc2

linuxlinux_kernelMatch5.17rc3

linuxlinux_kernelMatch5.17rc4

linuxlinux_kernelMatch5.17rc5

linuxlinux_kernelMatch5.17rc6

Node

fedoraprojectfedoraMatch34

Node

netapph300sMatch-

AND

netapph300s_firmwareMatch-

Node

netapph500sMatch-

AND

netapph500s_firmwareMatch-

Node

netapph700sMatch-

AND

netapph700s_firmwareMatch-

Node

netapph300eMatch-

AND

netapph300e_firmwareMatch-

Node

netapph500eMatch-

AND

netapph500e_firmwareMatch-

Node

netapph700eMatch-

AND

netapph700e_firmwareMatch-

Node

netapph410sMatch-

AND

netapph410s_firmwareMatch-

Node

netapph410c_firmwareMatch-

AND

netapph410cMatch-

Node

oraclecommunications_cloud_native_core_binding_support_functionMatch22.1.3

oraclecommunications_cloud_native_core_network_exposure_functionMatch22.1.1

oraclecommunications_cloud_native_core_policyMatch22.2.0

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel5.14cpe:2.3:o:linux:linux_kernel:5.14:rc6:*:*:*:*:*:*
linuxlinux_kernel5.17cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:*
linuxlinux_kernel5.17cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*
linuxlinux_kernel5.17cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*
linuxlinux_kernel5.17cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*
linuxlinux_kernel5.17cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*
linuxlinux_kernel5.17cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*
linuxlinux_kernel5.17cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*
fedoraprojectfedora34cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	5.14	cpe:2.3:o:linux:linux_kernel:5.14:rc6::::::
linux	linux_kernel	5.17	cpe:2.3:o:linux:linux_kernel:5.17:-::::::
linux	linux_kernel	5.17	cpe:2.3:o:linux:linux_kernel:5.17:rc1::::::
linux	linux_kernel	5.17	cpe:2.3:o:linux:linux_kernel:5.17:rc2::::::
linux	linux_kernel	5.17	cpe:2.3:o:linux:linux_kernel:5.17:rc3::::::
linux	linux_kernel	5.17	cpe:2.3:o:linux:linux_kernel:5.17:rc4::::::
linux	linux_kernel	5.17	cpe:2.3:o:linux:linux_kernel:5.17:rc5::::::
linux	linux_kernel	5.17	cpe:2.3:o:linux:linux_kernel:5.17:rc6::::::
fedoraproject	fedora	34	cpe:2.3:o:fedoraproject:fedora:34:::::::*