VDB
CVE-2021-20261
CVE-2021-20261
PUBLISHED
A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact that the default permissions on the floppy device (/dev/fd0) are restricted to root. If the permissions on the device have changed the impact changes greatly. In the default configuration root (or equivalent) permissions are required to attack this flaw.
EPSS 0.03% · 10.2th percentile
Risk Scores
EPSS Score
0.03%
10.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:14.04:LTS | linux-lts-xenial | 4.4.0-127.153~14.04.1, 4.4.0-130.156~14.04.1, * |
| Ubuntu:Pro:14.04:LTS | linux-aws | 4.4.0-1044.47, 4.4.0-1087.91, 4.4.0-1076.80 |
| Ubuntu:24.04:LTS | linux-raspi-realtime | 6.8.0-2019.20, 0 |
| Ubuntu:16.04:LTS | linux-raspi2 | 4.4.0-1059.67, 4.4.0-1038.45, 4.4.0-1023.29 |
| Ubuntu:18.04:LTS | linux-gcp-edge | 4.18.0-1005.6~18.04.1, 0, * |
| Ubuntu:22.04:LTS | linux-riscv | *, 0, 5.13.0-1004.4 |
| Ubuntu:18.04:LTS | linux-gcp-5.3 | 5.3.0-1018.19~18.04.1, *, 0 |
| Ubuntu:18.04:LTS | linux-aws-5.0 | 5.0.0-1023.26~18.04.1, 5.0.0-1022.25~18.04.1, 5.0.0-1021.24~18.04.1 |
| Ubuntu:22.04:LTS | linux-intel-iot-realtime | 5.15.0-1073.75, 0 |
| Ubuntu:20.04:LTS | linux-raspi2 | 0, 5.3.0-1014.16, 5.3.0-1015.17 |
| Ubuntu:16.04:LTS | linux-aws | 4.4.0-1123.137, 4.4.0-1099.110, 4.4.0-1100.111 |
| Ubuntu:20.04:LTS | linux-azure-fde | 5.4.0-1090.95+cvm1.1, 5.4.0-1089.94+cvm1.2, 5.4.0-1086.91+cvm1.1 |
| Ubuntu:20.04:LTS | linux-gke | 5.4.0-1083.89, 0, 5.4.0-1035.37 |
| Ubuntu:18.04:LTS | linux-hwe | *, 4.18.0-13.14~18.04.1, 4.18.0-15.16~18.04.1 |
| Ubuntu:Pro:14.04:LTS | linux | 3.13.0-170.220, 3.13.0-165.215, 3.13.0-166.216 |
| Ubuntu:18.04:LTS | linux-oracle-5.3 | *, *, * |
| Ubuntu:18.04:LTS | linux-gcp | 4.15.0-1021.22, 4.15.0-1018.19, * |
| Ubuntu:18.04:LTS | linux-aws-5.3 | 0, 5.3.0-1016.17~18.04.1, 5.3.0-1017.18~18.04.1 |
| Ubuntu:18.04:LTS | linux-snapdragon | 4.4.0-1077.82, 0, 4.4.0-1081.86 |
| Ubuntu:18.04:LTS | linux-oracle-5.0 | 0, 5.0.0-1008.13~18.04.1, 5.0.0-1010.15~18.04.1 |
…and 13 more
Timeline
- Mar 11, 2021 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-20261 third-party-advisory
- https://git.kernel.org/linus/a0c80efe5956ccce9fe7ae5c78542578c07bc20a third-party-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1932150 third-party-advisory
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a0c80efe5956ccce9fe7ae5c78542578c07bc20a third-party-advisory
- https://ubuntu.com/security/notices/USN-4904-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-20261 third-party-advisory