VDB
CVE-2021-38200
CVE-2021-38200
PUBLISHED
CVSS 5.5 MEDIUM
arch/powerpc/perf/core-book3s.c in the Linux kernel before 5.12.13, on systems with perf_event_paranoid=-1 and no specific PMU driver support registered, allows local users to cause a denial of service (perf_instruction_pointer NULL pointer dereference and OOPS) via a "perf record" command.
EPSS 0.04% · 13.3th percentile
Risk Scores
CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.04%
13.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| linux | linux_kernel | 0 |
Timeline
- Aug 8, 2021 CVE Published
- Aug 9, 2021 EPSS Score
- Oct 7, 2021 EPSS Score
- Dec 4, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 1, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 29, 2022 EPSS Score
- Jul 28, 2022 EPSS Score
- Nov 23, 2022 EPSS Score
- Jan 20, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
References
- https://github.com/torvalds/linux/commit/60b7ed54a41b550d50caf7f2418db4a7e75b5bdc url
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.13 url
- https://ubuntu.com/security/notices/USN-5072-1 advisory
- https://ubuntu.com/security/notices/USN-5073-1 advisory
- https://ubuntu.com/security/notices/USN-5071-1 advisory
- https://ubuntu.com/security/notices/USN-5070-1 advisory
- https://ubuntu.com/security/notices/USN-5062-1 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-38200 advisory