Wind River Support Network

HomeDefectsLIN1021-1703
Fixed

LIN1021-1703 : Security Advisory - linux - CVE-2021-42252

Created: Oct 11, 2021    Updated: Oct 31, 2021
Resolved Date: Oct 25, 2021
Found In Version: 10.21.20.1
Fix Version: 10.21.20.6
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel

Description

An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs because a certain comparison uses values that are not memory sizes.

CREATE(Triage):(User=admin) [CVE-2021-42252|https://nvd.nist.gov/vuln/detail/CVE-2021-42252]

CVEs


Live chat
Online