{"id":"PUB-A-190877279","details":"In __bpf_ringbuf_reserve of ringbuf.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-190877279","CVE-2021-3489"],"modified":"2026-03-11T06:34:32.033146Z","published":"2021-10-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-10-01"},{"type":"FIX","url":"https://android.googlesource.com/kernel/common/+/4b81ccebaeee885ab1aa1438133f2991e3a2b6ea"}],"affected":[{"package":{"name":":linux_kernel:","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":":0"},{"fixed":":2021-10-05"}]}],"versions":["Kernel"],"ecosystem_specific":{"types":["EoP"],"vanir_signatures":[{"id":"PUB-A-190877279-be596cc4","digest":{"function_hash":"183729967604640829626352513401008393136","length":855},"target":{"file":"kernel/bpf/ringbuf.c","function":"__bpf_ringbuf_reserve"},"source":"https://android.googlesource.com/kernel/common/+/4b81ccebaeee885ab1aa1438133f2991e3a2b6ea","signature_type":"Function","deprecated":false,"signature_version":"v1"},{"id":"PUB-A-190877279-e9dc1edb","digest":{"threshold":0.9,"line_hashes":["192741236581112911028087146785749077645","178244520072335451936189270906947903571","301616955728519727737405711715100561842","263076874577890106306520638709279565582"]},"target":{"file":"kernel/bpf/ringbuf.c"},"source":"https://android.googlesource.com/kernel/common/+/4b81ccebaeee885ab1aa1438133f2991e3a2b6ea","signature_type":"Line","deprecated":false,"signature_version":"v1"}],"spl":"2021-10-05","fixes":["https://android.googlesource.com/kernel/common/+/4b81ccebaeee885ab1aa1438133f2991e3a2b6ea"],"severity":"Moderate"},"database_specific":{"source":"https://storage.googleapis.com/android-osv-test/PUB-A-190877279.json"}}],"schema_version":"1.7.5"}