CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
9.8%
An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC
router protocol in the Linux kernel. A missing sanity check allows a local
attacker to gain access to out-of-bounds memory, leading to a system crash
or a leak of internal kernel information. The highest threat from this
vulnerability is to system availability.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < 4.15.0-162.170 | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < 5.4.0-90.101 | UNKNOWN |
ubuntu | 21.04 | noarch | linux | < 5.11.0-38.42 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < 4.15.0-1115.122 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < 5.4.0-1059.62 | UNKNOWN |
ubuntu | 21.04 | noarch | linux-aws | < 5.11.0-1020.21 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.11 | < 5.11.0-1020.21~20.04.2 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws-5.4 | < 5.4.0-1059.62~18.04.1 | UNKNOWN |
ubuntu | 16.04 | noarch | linux-aws-hwe | < 4.15.0-1115.122~16.04.1 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < 5.4.0-1063.66 | UNKNOWN |
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=194ccc88297ae78d0803adad83c6dcc369787c9e
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ad9d24c9429e2159d1e279dc3a83191ccb4daf1d
launchpad.net/bugs/cve/CVE-2021-3743
nvd.nist.gov/vuln/detail/CVE-2021-3743
security-tracker.debian.org/tracker/CVE-2021-3743
ubuntu.com/security/notices/USN-5113-1
ubuntu.com/security/notices/USN-5115-1
ubuntu.com/security/notices/USN-5117-1
ubuntu.com/security/notices/USN-5136-1
ubuntu.com/security/notices/USN-5137-1
ubuntu.com/security/notices/USN-5137-2
www.cve.org/CVERecord?id=CVE-2021-3743
www.openwall.com/lists/oss-security/2021/08/27/2
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
9.8%