{"id":"CVE-2021-21781","details":"An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11","aliases":["A-197850306","PUB-A-197850306"],"modified":"2026-03-14T10:43:53.904561Z","published":"2021-08-18T15:15:07.733Z","related":["ALSA-2022:1988","MGASA-2021-0099","MGASA-2021-0100","MGASA-2021-0101","MGASA-2021-0102","SUSE-SU-2021:2645-1","SUSE-SU-2021:2646-1","SUSE-SU-2021:2678-1","SUSE-SU-2021:2687-1","SUSE-SU-2021:2756-1","openSUSE-SU-2021:1142-1","openSUSE-SU-2021:2645-1","openSUSE-SU-2021:2687-1"],"references":[{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"type":"EVIDENCE","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-21781.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"5.4.54"}]},{"events":[{"introduced":"0"},{"last_affected":"5.4.66"}]},{"events":[{"introduced":"0"},{"last_affected":"22.1.3"}]},{"events":[{"introduced":"0"},{"last_affected":"22.1.1"}]},{"events":[{"introduced":"0"},{"last_affected":"22.2.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}]}