CVE-2021-38205

Advisory lineage Upstream: 0 Downstream: 23

Downstream

DEBIAN-CVE-2021-38205 DLA-2785-1 DLA-2843-1 MGASA-2021-0409 MGASA-2021-0410 OPENSUSE-SU-2021:1271-1

Modified

Published: 08 Aug 2021, 19:23

Last modified:04 Aug 2024, 01:37

Vulnerability Summary

Overall Risk (default)

low

13/100

CVSS Score

3.3 LOW

v3.1 (nvd)

EPSS Score

0.02% LOW

0% probability -0.05%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

08 Aug 2021, 19:23

Published

Vulnerability first disclosed

04 Aug 2024, 01:37

Last Modified

Vulnerability information updated

Description

drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).

CVSS Metrics

v3.1•LOW•Score: 3.3CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
v2.0•LOW•Score: 2.1AV:L/AC:L/Au:N/C:N/I:P/A:N

EPSS Trends

Current EPSS score: 0.02%• Percentile: 7%

Techniques & Countermeasures

CWE-824•Access of Uninitialized Pointer
The product accesses or uses a pointer that has not been initialized.

Affected Systems

debian•debian_linux
9.0
linux•linux_kernel
< 5.13.3