CVE-2021-0961 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-0961 REJECTED

In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196046570References: Upstream kernel

EPSS 0.05% · 14.3th percentile

Risk Scores

EPSS Score

0.05%

14.3th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:Pro:20.04:LTS	linux-raspi2	0, 5.3.0-1007.8, 5.3.0-1014.16

Timeline

Dec 15, 2021 CVE Published
Dec 16, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 8, 2022 EPSS Score
Apr 2, 2022 EPSS Score
Jul 20, 2022 EPSS Score
Sep 12, 2022 EPSS Score
Nov 4, 2022 EPSS Score
Dec 28, 2022 EPSS Score
Feb 20, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 15, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2021-0961 third-party-advisory
https://source.android.com/security/bulletin/2021-12-01 third-party-advisory
https://android.googlesource.com/kernel/common/+/e113eb454e92 third-party-advisory
https://android.googlesource.com/kernel/common/+/60a4c35570d9 third-party-advisory
https://android.googlesource.com/kernel/common/+/4b05a506bda0 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2021-0961 third-party-advisory

Open in Interactive Console →