CVE-2021-38205

LOW

Linux kernel <5.13.3 - Info Disclosure

Title source: llm

Description

drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).

References (4)

[Patch, Third Party Advisory] https://github.com/torvalds/linux/commit/d0d62baa7f505bd4c59cd169692ff07ec49dde37

View Patch ZIP pw:eip

[Mailing List, Patch, Vendor Advisory] https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3

[Mailing List, Third Party Advisory] https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html

[Mailing List, Third Party Advisory] https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html

Scores

CVSS v3 3.3

EPSS 0.0007

EPSS Percentile 21.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Details

CWE

CWE-824

Status published

Products (2)

debian/debian_linux 9.0

linux/linux_kernel < 5.13.3

Published Aug 08, 2021

Tracked Since Feb 18, 2026