CVE-2021-38160

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-38160

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-38160.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-38160

Aliases

A-197154898
PUB-A-197154898

Downstream

DEBIAN-CVE-2021-38160

DLA-2785-1

DLA-2843-1

DSA-4978-1

OESA-2021-1324

SUSE-SU-2021:14849-1

SUSE-SU-2021:3177-1

SUSE-SU-2021:3178-1

SUSE-SU-2021:3179-1

SUSE-SU-2021:3192-1

SUSE-SU-2021:3205-1

SUSE-SU-2021:3205-2

SUSE-SU-2021:3206-1

SUSE-SU-2021:3207-1

SUSE-SU-2021:3217-1

SUSE-SU-2021:3360-1

SUSE-SU-2021:3371-1

SUSE-SU-2021:3374-1

SUSE-SU-2021:3401-1

SUSE-SU-2021:3415-1

SUSE-SU-2021:3440-1

SUSE-SU-2021:3443-1

SUSE-SU-2021:3459-1

SUSE-SU-2021:3876-1

SUSE-SU-2021:3929-1

SUSE-SU-2021:3935-1

SUSE-SU-2021:3969-1

SUSE-SU-2021:3972-1

SUSE-SU-2025:0229-1

UBUNTU-CVE-2021-38160

USN-5073-1

USN-5073-2

USN-5073-3

USN-5091-1

USN-5091-2

USN-5092-1

USN-5092-2

USN-5096-1

USN-5106-1

USN-5343-1

openSUSE-SU-2021:1271-1

openSUSE-SU-2021:3179-1

openSUSE-SU-2021:3205-1

openSUSE-SU-2021:3876-1

Related

Published

2021-08-07T04:15:06Z

Modified

2025-08-09T19:01:29Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior

Database specific

{
    "isDisputed": true
}

References

Affected packages