CVE-2021-46934
LOW EPSS 14.1%
Published Feb 27, 20242y ago · Modified Jun 17, 20262w ago
3.3 CVSS 3.1
Published Feb 27, 2024 2y ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2c_transfer(), ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data in compact ioctl to prevent reported warnings
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Low
Availability None
Threat Intelligence
EPSS Exploit Probability
14.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-754
Affected Products 4
References 5
- git.kernel.org https://git.kernel.org/stable/c/407c8708fb1bf2d4afc5337ef50635cf540c364b
- git.kernel.org https://git.kernel.org/stable/c/8d31cbab4c295d7010ebb729e9d02d0e9cece18f
- git.kernel.org https://git.kernel.org/stable/c/9e4a3f47eff476097e0c7faac04d1831fc70237d
- git.kernel.org https://git.kernel.org/stable/c/bb436283e25aaf1533ce061605d23a9564447bdf
- git.kernel.org https://git.kernel.org/stable/c/f68599581067e8a5a8901ba9eb270b4519690e26
Remediation
- git.kernel.org https://git.kernel.org/stable/c/407c8708fb1bf2d4afc5337ef50635cf540c364b
- git.kernel.org https://git.kernel.org/stable/c/8d31cbab4c295d7010ebb729e9d02d0e9cece18f
- git.kernel.org https://git.kernel.org/stable/c/9e4a3f47eff476097e0c7faac04d1831fc70237d
- git.kernel.org https://git.kernel.org/stable/c/bb436283e25aaf1533ce061605d23a9564447bdf
- git.kernel.org https://git.kernel.org/stable/c/f68599581067e8a5a8901ba9eb270b4519690e26