ASB-A-204450605

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-204450605.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-204450605
Aliases
  • A-204450605
  • CVE-2021-39634
Published
2022-01-01T00:00:00Z
Modified
2024-08-07T19:29:32.314166Z
Summary
Upstream linux vulnerability in epoll
Details

In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / :linux_kernel:

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
:0
Fixed
:2022-01-05

Affected versions

Other

Kernel

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "281761851118573238417064251091957666292",
                    "66716452289808523718992946986435002294",
                    "238149171707000430488825594700649822945",
                    "26136525765657484005842846464340498509",
                    "193067148266005416477872802859470790853",
                    "88756201235542557271698617933401552938",
                    "150508037877092615736382668588997730010",
                    "184785842090014470300364861830991826586",
                    "124012108907255222333292463384886727462",
                    "14754910811055373754744278323106510798",
                    "338422229912443275097368711427458621123",
                    "257191157499221204848855334260604081658",
                    "151321889986198462900830560716771511738",
                    "72932826716581820486295703700363087347",
                    "111228602360053789999847191490887625423",
                    "179870949799274072871931870297664388759",
                    "161516205867268128265865626947277960082",
                    "226742925649578267199794237924187415355",
                    "295112841176974074523191062608716452742",
                    "111738587607780391033359608457242647485",
                    "2129751208561844047623001376462740887"
                ]
            },
            "id": "ASB-A-204450605-c6a19363",
            "source": "https://android.googlesource.com/kernel/common/+/f8d4f44df056c5b504b0d49683fb7279218fd207",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "fs/eventpoll.c"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 2004.0,
                "function_hash": "6325098871493236007769009914198357004"
            },
            "id": "ASB-A-204450605-d2d6789d",
            "source": "https://android.googlesource.com/kernel/common/+/f8d4f44df056c5b504b0d49683fb7279218fd207",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "fs/eventpoll.c",
                "function": "ep_insert"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/kernel/common/+/f8d4f44df056c5b504b0d49683fb7279218fd207"
    ],
    "spl": "2022-01-05",
    "severity": "High",
    "types": [
        "EoP"
    ]
}