Cross site request forgery (csrf)

2021-05-0613:15:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

JSON

A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability.

CPENameOperatorVersion
fedoraeq33
linux_kernellt5.12
enterprise_linuxeq8.0
enterprise_linux_for_real_timeeq8
enterprise_linux_for_real_time_for_nfveq8
enterprise_linux_for_real_time_for_nfv_tuseq8.4
enterprise_linux_for_real_time_tuseq8.4
virtualizationeq4.0
virtualization_hosteq4.0

Name	Operator	Version
fedora	eq	33
linux_kernel	lt	5.12
enterprise_linux	eq	8.0
enterprise_linux_for_real_time	eq	8
enterprise_linux_for_real_time_for_nfv	eq	8
enterprise_linux_for_real_time_for_nfv_tus	eq	8.4
enterprise_linux_for_real_time_tus	eq	8.4
virtualization	eq	4.0
virtualization_host	eq	4.0