Vulnerabilities > CVE-2021-3501 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 3.6 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability.

Vulnerable Configurations

Part Description Count
OS
Linux
3713
OS
Redhat
5
OS
Fedoraproject
1
OS
Netapp
9
Application
Redhat
2
Application
Netapp
1
Hardware
Netapp
8

Common Weakness Enumeration (CWE)