Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-26932

EPSS 0.18% · P40
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-26932

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then loops over the results, performing follow-up actions based on the success or failure of each operation. Unfortunately, when running in PV mode, the Linux backend drivers mishandle this: Some errors are ignored, effectively implying their success from the success of related batch elements. In other cases, errors resulting from one batch element lead to further batch elements not being inspected, and hence successful ones to not be possible to properly unmap upon error recovery. Only systems with Linux backends running in PV mode are vulnerable. Linux backends run in HVM / PVH modes are not vulnerable. This affects arch/*/xen/p2m.c and drivers/xen/gntdev.c.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 3.2 through 5.10.16 存在安全漏洞,该漏洞源于忽略了一些错误,有效地暗示了相关批处理元素的成功。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2021-26932

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-26932

登录查看更多情报信息。

Same Patch Batch · n/a · 2021-02-17 · 87 CVEs total

CVE-2020-93068.8 HIGHTesla SolarCity Solar Monitoring Gateway 信任管理问题漏洞
CVE-2021-271387.8 HIGHDas U-Boot 安全漏洞
CVE-2021-270977.8 HIGHDas U-Boot 安全漏洞
CVE-2021-233395.0 MEDIUMHTTP Request Smuggling
CVE-2020-12361Intel Graphics Drivers 资源管理错误漏洞
CVE-2020-0521Intel Graphics Drivers 安全漏洞
CVE-2020-0518Intel Graphics Drivers 安全漏洞
CVE-2020-12367Intel Graphics Drivers 输入验证错误漏洞
CVE-2020-12368Intel Graphics Drivers 输入验证错误漏洞
CVE-2020-12369Intel Graphics Drivers 缓冲区错误漏洞
CVE-2020-8678Intel Graphics Drivers 安全漏洞
CVE-2020-24452SGX Platform Software 输入验证错误漏洞
CVE-2020-24453Intel EPID SDK 输入验证错误漏洞
CVE-2020-24458Intel PROSet Wireless 信息泄露漏洞
CVE-2020-24480Intel XTU 安全漏洞
CVE-2020-24481Intel Quartus Prime Pro安全漏洞
CVE-2020-24482Intel 7360 Cell Modem 缓冲区错误漏洞
CVE-2020-24491Intel 10th Generation Intel Core Processor 信息泄露漏洞
CVE-2020-24500Intel Ethernet Controllers 缓冲区错误漏洞
CVE-2020-24505Intel Ethernet Controllers 输入验证错误漏洞

Showing top 20 of 87 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2021-26932

No comments yet

Leave a comment