CVE-2021-3612

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-3612

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3612.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-3612

Downstream

DEBIAN-CVE-2021-3612

DLA-2785-1

DLA-2843-1

RHSA-2022:1975

RHSA-2022:1988

SUSE-SU-2021:2407-1

SUSE-SU-2021:2408-1

SUSE-SU-2021:2416-1

SUSE-SU-2021:2438-1

SUSE-SU-2021:2599-1

SUSE-SU-2021:2599-2

SUSE-SU-2021:2643-1

SUSE-SU-2021:2645-1

SUSE-SU-2021:2687-1

UBUNTU-CVE-2021-3612

USN-5070-1

USN-5071-1

USN-5071-2

USN-5071-3

USN-5073-1

USN-5073-2

USN-5073-3

USN-5096-1

USN-5106-1

USN-5120-1

USN-5299-1

USN-5343-1

openSUSE-SU-2021:1076-1

openSUSE-SU-2021:2645-1

openSUSE-SU-2021:2687-1

Related

Published

2021-07-09T11:15:09Z

Modified

2025-08-09T20:01:26Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

References

Affected packages