CVE-2021-3753

Description

A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://errata.rockylinux.org/RLSA-2024:2950
• https://www.suse.com/security/cve/CVE-2021-3753.html
• https://security-tracker.debian.org/tracker/CVE-2021-3753
• https://access.redhat.com/errata/RHSA-2024:3138
• https://bugzilla.redhat.com/1731000
• https://bugzilla.redhat.com/1746732
• https://bugzilla.redhat.com/1888726
• https://bugzilla.redhat.com/1999589
• https://bugzilla.redhat.com/2039178
• https://bugzilla.redhat.com/2043520
• https://bugzilla.redhat.com/2044578
• https://bugzilla.redhat.com/2150953
• https://bugzilla.redhat.com/2151959
• https://bugzilla.redhat.com/2177759
• https://bugzilla.redhat.com/2179892
• https://bugzilla.redhat.com/2213132
• https://bugzilla.redhat.com/2218332
• https://bugzilla.redhat.com/2219359
• https://bugzilla.redhat.com/2221039
• https://bugzilla.redhat.com/2221463
• https://bugzilla.redhat.com/2221702
• https://bugzilla.redhat.com/2226777
• https://bugzilla.redhat.com/2226784
• https://bugzilla.redhat.com/2226787
• https://bugzilla.redhat.com/2226788

💬 Discuss CVE-2021-3753 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.