GoogleOSV:ASB-A-204573007

HistoryNov 01, 2021 - 12:00 a.m.

Upstream linux vulnerability in epoll #2

Vulners
Osv
Upstream linux vulnerability in epoll #2

2021-11-0100:00:00

Google

osv.dev

7.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.0%

JSON

In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CPENameOperatorVersion
:linux_kernel:eqKernel

CPE	Name	Operator	Version
	:linux_kernel:	eq	Kernel

References

android.googlesource.com/kernel/common/+/77f4689de17c0887775bb77896f4cc11a39bf848

source.android.com/security/bulletin/2021-11-01

cvelist 1

cisa_kev 1

prion 1

nvd 1

attackerkb 1

redhatcve 1

ubuntucve 1

cve 1

debiancve 1

cnvd 1

oraclelinux 2

nessus 6

talosblog 1

thn 2

malwarebytes 2

threatpost 1

openvas 3

github 1

googleprojectzero 1

cvelist

CVE-2021-1048

2021-12-15 18:05:35

cisa_kev

Android Kernel Use-After-Free Vulnerability

2022-05-23 00:00:00

prion

Memory corruption

2021-12-15 19:15:00

nvd

CVE-2021-1048

2021-12-15 19:15:14

attackerkb

CVE-2021-1048

2021-12-15 00:00:00

redhatcve

CVE-2021-1048

2021-12-13 18:20:35

ubuntucve

CVE-2021-1048

2021-12-15 00:00:00

cve

CVE-2021-1048

2021-12-15 19:15:14

debiancve

CVE-2021-1048

2021-12-15 19:15:14

cnvd

Google Android Kernel Component Elevation of Privilege Vulnerability (CNVD-2021-101423)

2021-11-02 00:00:00

oraclelinux

Unbreakable Enterprise kernel security update

2022-01-10 00:00:00

Unbreakable Enterprise kernel security update

2022-02-01 00:00:00

nessus

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9014)

2022-01-10 00:00:00

OracleVM 3.4 : kernel-uek (OVMSA-2022-0005)

2022-01-11 00:00:00

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2022-9088)

2022-02-01 00:00:00

talosblog

Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware

2023-05-25 12:02:19

thn

Cytrox's Predator Spyware Targeted Android Users with Zero-Day Exploits

2022-05-20 10:58:00

Google Warns of New Android 0-Day Vulnerability Under Active Targeted Attacks

2021-11-03 05:20:00

malwarebytes

Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware

2022-05-24 09:55:59

Google patches zero-day vulnerability, and others, in Android

2021-11-02 16:48:46

threatpost

Android Patches Actively Exploited Zero-Day Kernel Bug

2021-11-02 17:20:42

openvas

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1271)

2022-03-02 00:00:00

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2021-2818)

2021-12-30 00:00:00

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2508)

2022-10-10 00:00:00

github

Pwning the all Google phone with a non-Google bug

2023-01-23 15:05:19

googleprojectzero

The More You Know, The More You Know You Don’t Know

2022-04-19 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

Upstream linux vulnerability in epoll #2

References

Related