How severe is CVE-2021-20261?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.4 out of 10.

What type of vulnerability is CVE-2021-20261?

This is classified as CWE-362, which is a common weakness in software security.

CVE-2021-20261

MEDIUM Year: 2021

CVSS v3 Score

6.4

Medium

CVSS v2 Score

4.4

Medium

Weakness Type

CWE-362

View all →

Vulnerability Description

A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact that the default permissions on the floppy device (/dev/fd0) are restricted to root. If the permissions on the device have changed the impact changes greatly. In the default configuration root (or equivalent) permissions are required to attack this flaw.

CVE-2015-8511

MEDIUM

CVSS:6.4(Medium)

Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors.

CWE-3622015

CVE-2016-9962

MEDIUM

CVSS:6.4(Medium)

RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-des...

CWE-3622016

CVE-2017-1000367

MEDIUM

CVSS:6.4(Medium)

Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.

CWE-3622017

CVE-2018-9519

MEDIUM

CVSS:6.4(Medium)

In easelcomm_hw_build_scatterlist, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System privileges required. User interaction i...

CWE-3622018

CVE-2019-2188

MEDIUM

CVSS:6.4(Medium)

In the Easel driver, there is possible memory corruption due to race conditions. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not neede...

CWE-3622019