How severe is CVE-2021-47096?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4 out of 10.

What type of vulnerability is CVE-2021-47096?

This is classified as CWE-908, which is a common weakness in software security.

CVE-2021-47096

MEDIUM Year: 2021

CVSS v3 Score

4.0

Medium

Weakness Type

CWE-908

View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized user_pversion The user_pversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA sequencer code clears the file structure, so no additional fixes are required. BugLink: https://github.com/alsa-project/alsa-lib/issues/178

CVE-2018-3970

MEDIUM

CVSS:4.0(Medium)

An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return un...

CWE-9082018

CVE-2021-21781

MEDIUM

CVSS:4.0(Medium)

An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application ...

CWE-9082021

CVE-2021-34999

LOW

CVSS:3.8(Low)

OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of Ope...

CWE-9082021

CVE-2017-5102

MEDIUM

CVSS:4.3(Medium)

Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to obtain potentially sensitive information from process mem...

CWE-9082017

CVE-2017-5103

MEDIUM

CVSS:4.3(Medium)

Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a...

CWE-9082017

CVE-2018-1037

MEDIUM

CVSS:4.3(Medium)

An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database (PDB) files, aka "Microsoft Visual Stud...

CWE-9082018

CVE-2021-47096

Vulnerability Description

Related Vulnerabilities

CVE-2018-3970

CVE-2021-21781

CVE-2021-34999

CVE-2017-5102

CVE-2017-5103

CVE-2018-1037