How severe is CVE-2021-20292?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2021-20292?

This is classified as CWE-416, which is a common weakness in software security.

CVE-2021-20292 - MEDIUM Severity | CVSS 6.7

Vulnerability Description

There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with a local account with a root privilege, can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.

Related Vulnerabilities

CVE-2016-7154

MEDIUM

CVSS:6.7(Medium)

Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain se...

CWE-4162016

CVE-2018-9517

MEDIUM

CVSS:6.7(Medium)

In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not need...

CWE-4162018

CVE-2019-19769

MEDIUM

CVSS:6.7(Medium)

In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h).

CWE-4162019

CVE-2019-8528

MEDIUM

CVSS:6.7(Medium)

A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, i...

CWE-4162019

CVE-2019-9259

MEDIUM

CVSS:6.7(Medium)

In the Bluetooth stack, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is n...

CWE-4162019

CVE-2019-9273

MEDIUM

CVSS:6.7(Medium)

In the Android kernel in the synaptics_dsx_htc touchscreen driver there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution pri...

CWE-4162019