VDB

CVE-2021-1048

CVE-2021-1048 PUBLISHED KEV

In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204573007References: Upstream kernel

EPSS 0.91% · 76.3th percentile

Risk Scores

EPSS Score
0.91%
76.3th percentile

Affected Products

VendorProductVersions
Ubuntu:16.04:LTSlinux-hwe-edge4.13.0-21.24~16.04.1, 4.13.0-25.29~16.04.2, *
Ubuntu:18.04:LTSlinux-dell300x0, 4.15.0-1006.10, 4.15.0-1005.8
Ubuntu:18.04:LTSlinux-oracle-5.00, *, 5.0.0-1011.16
Ubuntu:16.04:LTSlinux-gcp4.15.0-1029.31~16.04.1, 4.15.0-1028.29~16.04.1, 4.15.0-1027.28~16.04.1
Ubuntu:18.04:LTSlinux-gcp-5.35.3.0-1030.32~18.04.1, 5.3.0-1032.34~18.04.1, 0
Ubuntu:20.04:LTSlinux-oem-5.65.6.0-1035.37, 5.6.0-1036.39, 5.6.0-1039.43
Ubuntu:Pro:FIPS-updates:18.04:LTSlinux-aws-fips4.15.0-2024.24, 4.15.0-2025.25, 4.15.0-2026.26
Ubuntu:18.04:LTSlinux-raspi24.15.0-1049.53, 4.15.0-1024.26, 0
Ubuntu:20.04:LTSlinux-hwe-5.85.8.0-38.43~20.04.1, 5.8.0-29.31~20.04.1, 5.8.0-31.33~20.04.1
Ubuntu:18.04:LTSlinux-oracle-5.35.3.0-1014.15~18.04.1, 5.3.0-1024.26~18.04.1, 5.3.0-1027.29~18.04.1
Ubuntu:Pro:FIPS-updates:18.04:LTSlinux-fips4.15.0-1040.45, 4.15.0-1041.46, 4.15.0-1038.43
Ubuntu:18.04:LTSlinux-gcp4.15.0-1001.1, 5.0.0-1025.26~18.04.1, 5.0.0-1021.21~18.04.1
Ubuntu:18.04:LTSlinux-gcp-4.154.15.0-1086.98, 4.15.0-1081.92, 4.15.0-1083.94
Ubuntu:22.04:LTSlinux-realtime0, 5.15.0-1032.35
Ubuntu:20.04:LTSlinux-intel-5.135.13.0-1014.15, 5.13.0-1011.11, 5.13.0-1008.8
Ubuntu:20.04:LTSlinux-azure-5.85.8.0-1039.42~20.04.1, 5.8.0-1036.38~20.04.1, 5.8.0-1033.35~20.04.1
Ubuntu:16.04:LTSlinux-oracle4.15.0-1050.54~16.04.1, *, *
Ubuntu:18.04:LTSlinux-aws-5.35.3.0-1028.30~18.04.1, 0, 5.3.0-1034.36
Ubuntu:16.04:LTSlinux-aws-hwe4.15.0-1079.83~16.04.1, 4.15.0-1074.78~16.04.1, 4.15.0-1073.77~16.04.1
Ubuntu:16.04:LTSlinux-hwe4.10.0-42.46~16.04.1, *, *

…and 24 more

Timeline

  • Nov 2, 2021 CVE Published
  • Nov 6, 2021 PoC Published
  • Dec 16, 2021 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 8, 2022 EPSS Score
  • May 23, 2022 CISA KEV Added
  • May 28, 2022 EPSS Score
  • Jul 22, 2022 EPSS Score
  • Sep 15, 2022 EPSS Score
  • Nov 8, 2022 EPSS Score
  • Jan 1, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›