Untrusted Pointer Dereference

CVE-2021-20239

Low

3.3/10

Summary

A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-822 - Untrusted Pointer Dereference

The program obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.

References

Advisory Timeline

Published May 28, 2021

Untrusted Pointer Dereference

CVE-2021-20239

Summary

CWE-822 - Untrusted Pointer Dereference

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS