VDB

CVE-2021-21781

CVE-2021-21781 PUBLISHED

An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11

EPSS 0.02% · 4.0th percentile

Risk Scores

EPSS Score
0.02%
4.0th percentile

Affected Products

VendorProductVersions
Ubuntu:18.04:LTSlinux-aws4.15.0-1027.27, 4.15.0-1021.21, 4.15.0-1087.92
Ubuntu:Pro:16.04:LTSlinux-kvm4.4.0-1013.18, 4.4.0-1130.140, 4.4.0-1146.157
Ubuntu:20.04:LTSlinux-kvm5.4.0-1033.34, 5.4.0-1034.35, 5.4.0-1036.37
Ubuntu:20.04:LTSlinux-riscv-5.85.8.0-14.16~20.04.3, 5.8.0-17.19~20.04.1, 5.8.0-18.20~20.04.1
Ubuntu:Pro:FIPS-updates:18.04:LTSlinux-aws-fips4.15.0-2026.26, 4.15.0-2027.27, 0
Ubuntu:18.04:LTSlinux-oracle-5.05.0.0-1010.15~18.04.1, 5.0.0-1014.19, 0
Ubuntu:18.04:LTSlinux-hwe-edge*, 5.3.0-23.25~18.04.1, 5.0.0-20.21~18.04.1
Ubuntu:18.04:LTSlinux-gkeop-5.45.4.0-1005.6, 5.4.0-1007.8~18.04.1, 5.4.0-1009.10~18.04.1
Ubuntu:20.04:LTSlinux-aws5.4.0-1009.9, 0, 5.3.0-1003.3
Ubuntu:Pro:16.04:LTSlinux-hwe4.15.0-36.39~16.04.1, *, *
Ubuntu:18.04:LTSlinux-aws-5.05.0.0-1027.30, 5.0.0-1025.28, 5.0.0-1024.27~18.04.1
Ubuntu:18.04:LTSlinux4.15.0-22.24, 4.15.0-48.51, 4.15.0-47.50
Ubuntu:18.04:LTSlinux-gcp-4.154.15.0-1094.107, 4.15.0-1095.108, 4.15.0-1096.109
Ubuntu:20.04:LTSlinux-gkeop5.4.0-1012.13, 5.4.0-1011.12, 5.4.0-1010.11
Ubuntu:Pro:14.04:LTSlinux-azure4.15.0-1098.109~14.04.1, 4.15.0-1113.126~14.04.1, *
Ubuntu:18.04:LTSlinux-oracle-5.35.3.0-1024.26~18.04.1, *, *
Ubuntu:18.04:LTSlinux-oem4.15.0-1033.38, 4.15.0-1013.16, 4.15.0-1064.73
Ubuntu:Pro:FIPS:18.04:LTSlinux-fips0, 4.15.0-1011.12
Ubuntu:18.04:LTSlinux-oracle-5.45.4.0-1041.44~18.04.1, 5.4.0-1034.36~18.04.1, 5.4.0-1035.38~18.04.1
Ubuntu:18.04:LTSlinux-raspi24.15.0-1078.83, 4.15.0-1076.81, 4.15.0-1079.84

…and 56 more

Timeline

  • Aug 10, 2021 CVE Published
  • Aug 19, 2021 EPSS Score
  • Oct 16, 2021 EPSS Score
  • Dec 14, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 10, 2022 EPSS Score
  • Apr 10, 2022 EPSS Score
  • Jun 7, 2022 EPSS Score
  • Aug 5, 2022 EPSS Score
  • Oct 3, 2022 EPSS Score
  • Nov 30, 2022 EPSS Score
  • Jan 28, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›