var-202107-1361
Vulnerability from variot
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. Linux kernel vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary
Several security issues were fixed in the kernel. A local attacker could use this to possibly execute arbitrary code. (CVE-2021-3600)
It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-33909)
Update instructions
The problem can be corrected by updating your kernel livepatch to the following versions:
Ubuntu 20.04 LTS gcp - 79.1 generic - 79.1 gke - 79.1 gkeop - 79.1 lowlatency - 79.1
Ubuntu 18.04 LTS generic - 79.1 gke - 79.1 gkeop - 79.1 lowlatency - 79.1 oem - 79.1
Ubuntu 16.04 ESM generic - 79.1 lowlatency - 79.1
Ubuntu 14.04 ESM generic - 79.1 lowlatency - 79.1
Support Information
Kernels older than the levels listed below do not receive livepatch updates. If you are running a kernel version earlier than the one listed below, please upgrade your kernel as soon as possible.
Ubuntu 20.04 LTS linux-aws - 5.4.0-1009 linux-azure - 5.4.0-1010 linux-gcp - 5.4.0-1009 linux-gke - 5.4.0-1033 linux-gkeop - 5.4.0-1009 linux-oem - 5.4.0-26 linux - 5.4.0-26
Ubuntu 18.04 LTS linux-aws - 4.15.0-1054 linux-gke-4.15 - 4.15.0-1076 linux-gke-5.4 - 5.4.0-1009 linux-gkeop-5.4 - 5.4.0-1007 linux-hwe-5.4 - 5.4.0-26 linux-oem - 4.15.0-1063 linux - 4.15.0-69
Ubuntu 16.04 ESM linux-aws - 4.4.0-1098 linux-azure - 4.15.0-1063 linux-azure - 4.15.0-1078 linux-hwe - 4.15.0-69 linux - 4.4.0-168
Ubuntu 14.04 ESM linux-lts-xenial - 4.4.0-168
References
- CVE-2021-3600
- CVE-2021-33909
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . 7.4) - noarch, x86_64
- Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Bug Fix(es):
-
kernel-rt: update RT source tree to the latest RHEL-8.2.z10 Batch source tree (BZ#1968022)
-
8) - ppc64le, x86_64
-
Description:
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. 7.7) - ppc64, ppc64le, x86_64
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2021:2725-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2725 Issue date: 2021-07-20 CVE Names: CVE-2019-20934 CVE-2020-11668 CVE-2021-33033 CVE-2021-33034 CVE-2021-33909 ==================================================================== 1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)
-
kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034)
-
kernel: use-after-free in show_numa_stats function (CVE-2019-20934)
-
kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c (CVE-2020-11668)
-
kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c (CVE-2021-33033)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
[RHEL7.9.z] n_tty_open: "BUG: unable to handle kernel paging request" (BZ#1872778)
-
[ESXi][RHEL7.8]"qp_alloc_hypercall result = -20" / "Could not attach to queue pair with -20" with vSphere Fault Tolerance enabled (BZ#1892237)
-
[RHEL7.9][s390x][Regression] Sino Nomine swapgen IBM z/VM emulated DASD with DIAG driver returns EOPNOTSUPP (BZ#1910395)
-
False-positive hard lockup detected while processing the thread state information (SysRq-T) (BZ#1912221)
-
RHEL7.9 zstream - s390x LPAR with NVMe SSD will panic when it has 32 or more IFL (pci) (BZ#1917943)
-
The NMI watchdog detected a hard lockup while printing RCU CPU stall warning messages to the serial console (BZ#1924688)
-
nvme hangs when trying to allocate reserved tag (BZ#1926825)
-
[REGRESSION] "call into AER handling regardless of severity" triggers do_recovery() unnecessarily on correctable PCIe errors (BZ#1933663)
-
Module nvme_core: A double free of the kmalloc-512 cache between nvme_trans_log_temperature() and nvme_get_log_page(). (BZ#1946793)
-
sctp - SCTP_CMD_TIMER_START queues active timer kernel BUG at kernel/timer.c:1000! (BZ#1953052)
-
[Hyper-V][RHEL-7]When CONFIG_NET_POLL_CONTROLLER is set, mainline commit 2a7f8c3b1d3fee is needed (BZ#1953075)
-
Kernel panic at cgroup_is_descendant (BZ#1957719)
-
[Hyper-V][RHEL-7]Commits To Fix Kdump Failures (BZ#1957803)
-
IGMPv2 JOIN packets incorrectly routed to loopback (BZ#1958339)
-
[CKI kernel builds]: x86 binaries in non-x86 kernel rpms breaks systemtap [7.9.z] (BZ#1960193)
-
mlx4: Fix memory allocation in mlx4_buddy_init needed (BZ#1962406)
-
incorrect assertion on pi_state->pi_mutex.wait_lock from pi_state_update_owner() (BZ#1965495)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1824792 - CVE-2020-11668 kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c 1902788 - CVE-2019-20934 kernel: use-after-free in show_numa_stats function 1961300 - CVE-2021-33033 kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c 1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan 1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: kernel-3.10.0-1160.36.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch.rpm kernel-doc-3.10.0-1160.36.2.el7.noarch.rpm
x86_64: bpftool-3.10.0-1160.36.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm kernel-devel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-headers-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64.rpm perf-3.10.0-1160.36.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm python-perf-3.10.0-1160.36.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.36.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: kernel-3.10.0-1160.36.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch.rpm kernel-doc-3.10.0-1160.36.2.el7.noarch.rpm
x86_64: bpftool-3.10.0-1160.36.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm kernel-devel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-headers-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64.rpm perf-3.10.0-1160.36.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm python-perf-3.10.0-1160.36.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.36.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: kernel-3.10.0-1160.36.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch.rpm kernel-doc-3.10.0-1160.36.2.el7.noarch.rpm
ppc64: bpftool-3.10.0-1160.36.2.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm kernel-3.10.0-1160.36.2.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1160.36.2.el7.ppc64.rpm kernel-debug-3.10.0-1160.36.2.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm kernel-debug-devel-3.10.0-1160.36.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.36.2.el7.ppc64.rpm kernel-devel-3.10.0-1160.36.2.el7.ppc64.rpm kernel-headers-3.10.0-1160.36.2.el7.ppc64.rpm kernel-tools-3.10.0-1160.36.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm kernel-tools-libs-3.10.0-1160.36.2.el7.ppc64.rpm perf-3.10.0-1160.36.2.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm python-perf-3.10.0-1160.36.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm
ppc64le: bpftool-3.10.0-1160.36.2.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-debug-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-devel-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-headers-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-tools-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1160.36.2.el7.ppc64le.rpm perf-3.10.0-1160.36.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm python-perf-3.10.0-1160.36.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm
s390x: bpftool-3.10.0-1160.36.2.el7.s390x.rpm bpftool-debuginfo-3.10.0-1160.36.2.el7.s390x.rpm kernel-3.10.0-1160.36.2.el7.s390x.rpm kernel-debug-3.10.0-1160.36.2.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1160.36.2.el7.s390x.rpm kernel-debug-devel-3.10.0-1160.36.2.el7.s390x.rpm kernel-debuginfo-3.10.0-1160.36.2.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1160.36.2.el7.s390x.rpm kernel-devel-3.10.0-1160.36.2.el7.s390x.rpm kernel-headers-3.10.0-1160.36.2.el7.s390x.rpm kernel-kdump-3.10.0-1160.36.2.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1160.36.2.el7.s390x.rpm kernel-kdump-devel-3.10.0-1160.36.2.el7.s390x.rpm perf-3.10.0-1160.36.2.el7.s390x.rpm perf-debuginfo-3.10.0-1160.36.2.el7.s390x.rpm python-perf-3.10.0-1160.36.2.el7.s390x.rpm python-perf-debuginfo-3.10.0-1160.36.2.el7.s390x.rpm
x86_64: bpftool-3.10.0-1160.36.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm kernel-devel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-headers-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64.rpm perf-3.10.0-1160.36.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm python-perf-3.10.0-1160.36.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: bpftool-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.36.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1160.36.2.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm
ppc64le: bpftool-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1160.36.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm
x86_64: bpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.36.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: kernel-3.10.0-1160.36.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch.rpm kernel-doc-3.10.0-1160.36.2.el7.noarch.rpm
x86_64: bpftool-3.10.0-1160.36.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm kernel-devel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-headers-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64.rpm perf-3.10.0-1160.36.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm python-perf-3.10.0-1160.36.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.36.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-20934 https://access.redhat.com/security/cve/CVE-2020-11668 https://access.redhat.com/security/cve/CVE-2021-33033 https://access.redhat.com/security/cve/CVE-2021-33034 https://access.redhat.com/security/cve/CVE-2021-33909 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYPd0rdzjgjWX9erEAQgSLQ/9FYCaqS1w2FD8A64mwloIz/fRGh5eGMwl 6RgXKj6wOJPaSPYl3Gk4r7hEDx1aO8jwxz5uZ8PRz1K4LFArAGLi3BBc2pCk1QA1 SHPfNuKO8UefwGrqv7Xd6wThwwt+7D8LN2Lg+H2vUYve/NRrxQZOqH7MnQPKsVve ufvaDQjrySGSXkiQHSSDSvlDQB3eaVRCqh10cBwWzsU/lG/JcdvbIo4Oat27S8WU c4VijwACg7Wn7iTYkMMR4xk0iP991QeoYkqusJByGO5K9naZsSU8LxT4i84/mbZB RWJULDHKPHZtfpR+Gz6AOIl7aa8vE8V90263OUWPJG/c0O6u3sWzK5YyGr0Ob82l gbl1BnI+W0BanwMHeiBJq7HmgFU1jYO7vu5w4mnaf9gkDgm1GOBrHaBOHg/qEXWs WR4UDOpnJcZAxMpVJEyk8EolSv7AlcDKTr+J9xu9vKhdbmok0VbtGhjUDXEZI7tT 5FlrM1qfpa9S4EtiUv7hIYGFg78gVoLrXlPMxEyw9zXhYczCypNwbzWyH+O6utTG saiHuayf6WTw582qITDfgI9nenIu9a6rqEu1pg5EuwoqD5ipRVAsmaFBPWdi+exa +I2KV777KAXM2k4XqVbmVcZ1MnvTqCoEwFLy349A3r3Y9JwDJxCu73HU5nifg4LP AMB5i8YI9o8=gDcx -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202107-1361",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.20"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.5"
},
{
"model": "communications session border controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "9.0"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.5"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "solidfire",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.16"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "communications session border controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.4"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.12.43"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.9.276"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.14.240"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.4.134"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.11"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.13"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.12.19"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.13.4"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.4.276"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.15"
},
{
"model": "hci management node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.13"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.10.52"
},
{
"model": "communications session border controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.3"
},
{
"model": "communications session border controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.2"
},
{
"model": "sma1000",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "12.4.2-02044"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.19.198"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-33909"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "163577"
},
{
"db": "PACKETSTORM",
"id": "163580"
},
{
"db": "PACKETSTORM",
"id": "163583"
},
{
"db": "PACKETSTORM",
"id": "163584"
},
{
"db": "PACKETSTORM",
"id": "163603"
},
{
"db": "PACKETSTORM",
"id": "163606"
},
{
"db": "PACKETSTORM",
"id": "163607"
},
{
"db": "PACKETSTORM",
"id": "163608"
}
],
"trust": 0.8
},
"cve": "CVE-2021-33909",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-33909",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2021-33909",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-33909",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-33909",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-33909"
},
{
"db": "NVD",
"id": "CVE-2021-33909"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. Linux kernel vulnerabilities\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 ESM\n- Ubuntu 14.04 ESM\n\nSummary\n\nSeveral security issues were fixed in the kernel. A local attacker could use this to\npossibly execute arbitrary code. (CVE-2021-3600)\n\nIt was discovered that the virtual file system implementation in the\nLinux kernel contained an unsigned to signed integer conversion error. \nA local attacker could use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2021-33909)\n\nUpdate instructions\n\nThe problem can be corrected by updating your kernel livepatch to the\nfollowing versions:\n\nUbuntu 20.04 LTS\n gcp - 79.1\n generic - 79.1\n gke - 79.1\n gkeop - 79.1\n lowlatency - 79.1\n\nUbuntu 18.04 LTS\n generic - 79.1\n gke - 79.1\n gkeop - 79.1\n lowlatency - 79.1\n oem - 79.1\n\nUbuntu 16.04 ESM\n generic - 79.1\n lowlatency - 79.1\n\nUbuntu 14.04 ESM\n generic - 79.1\n lowlatency - 79.1\n\nSupport Information\n\nKernels older than the levels listed below do not receive livepatch\nupdates. If you are running a kernel version earlier than the one\nlisted\nbelow, please upgrade your kernel as soon as possible. \n\nUbuntu 20.04 LTS\n linux-aws - 5.4.0-1009\n linux-azure - 5.4.0-1010\n linux-gcp - 5.4.0-1009\n linux-gke - 5.4.0-1033\n linux-gkeop - 5.4.0-1009\n linux-oem - 5.4.0-26\n linux - 5.4.0-26\n\nUbuntu 18.04 LTS\n linux-aws - 4.15.0-1054\n linux-gke-4.15 - 4.15.0-1076\n linux-gke-5.4 - 5.4.0-1009\n linux-gkeop-5.4 - 5.4.0-1007\n linux-hwe-5.4 - 5.4.0-26\n linux-oem - 4.15.0-1063\n linux - 4.15.0-69\n\nUbuntu 16.04 ESM\n linux-aws - 4.4.0-1098\n linux-azure - 4.15.0-1063\n linux-azure - 4.15.0-1078\n linux-hwe - 4.15.0-69\n linux - 4.4.0-168\n\nUbuntu 14.04 ESM\n linux-lts-xenial - 4.4.0-168\n\nReferences\n\n- CVE-2021-3600\n- CVE-2021-33909\n\n\n\n-- \nubuntu-security-announce mailing list\nubuntu-security-announce@lists.ubuntu.com\nModify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\n. 7.4) - noarch, x86_64\n\n3. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. \n\nBug Fix(es):\n\n* kernel-rt: update RT source tree to the latest RHEL-8.2.z10 Batch source\ntree (BZ#1968022)\n\n4. 8) - ppc64le, x86_64\n\n3. Description:\n\nThis is a kernel live patch module which is automatically loaded by the RPM\npost-install script to modify the code of a running kernel. 7.7) - ppc64, ppc64le, x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2021:2725-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:2725\nIssue date: 2021-07-20\nCVE Names: CVE-2019-20934 CVE-2020-11668 CVE-2021-33033\n CVE-2021-33034 CVE-2021-33909\n====================================================================\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* kernel: size_t-to-int conversion vulnerability in the filesystem layer\n(CVE-2021-33909)\n\n* kernel: use-after-free in net/bluetooth/hci_event.c when destroying an\nhci_chan (CVE-2021-33034)\n\n* kernel: use-after-free in show_numa_stats function (CVE-2019-20934)\n\n* kernel: mishandles invalid descriptors in\ndrivers/media/usb/gspca/xirlink_cit.c (CVE-2020-11668)\n\n* kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c\n(CVE-2021-33033)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* [RHEL7.9.z] n_tty_open: \"BUG: unable to handle kernel paging request\"\n(BZ#1872778)\n\n* [ESXi][RHEL7.8]\"qp_alloc_hypercall result = -20\" / \"Could not attach to\nqueue pair with -20\" with vSphere Fault Tolerance enabled (BZ#1892237)\n\n* [RHEL7.9][s390x][Regression] Sino Nomine swapgen IBM z/VM emulated DASD\nwith DIAG driver returns EOPNOTSUPP (BZ#1910395)\n\n* False-positive hard lockup detected while processing the thread state\ninformation (SysRq-T) (BZ#1912221)\n\n* RHEL7.9 zstream - s390x LPAR with NVMe SSD will panic when it has 32 or\nmore IFL (pci) (BZ#1917943)\n\n* The NMI watchdog detected a hard lockup while printing RCU CPU stall\nwarning messages to the serial console (BZ#1924688)\n\n* nvme hangs when trying to allocate reserved tag (BZ#1926825)\n\n* [REGRESSION] \"call into AER handling regardless of severity\" triggers\ndo_recovery() unnecessarily on correctable PCIe errors (BZ#1933663)\n\n* Module nvme_core: A double free of the kmalloc-512 cache between\nnvme_trans_log_temperature() and nvme_get_log_page(). (BZ#1946793)\n\n* sctp - SCTP_CMD_TIMER_START queues active timer kernel BUG at\nkernel/timer.c:1000! (BZ#1953052)\n\n* [Hyper-V][RHEL-7]When CONFIG_NET_POLL_CONTROLLER is set, mainline commit\n2a7f8c3b1d3fee is needed (BZ#1953075)\n\n* Kernel panic at cgroup_is_descendant (BZ#1957719)\n\n* [Hyper-V][RHEL-7]Commits To Fix Kdump Failures (BZ#1957803)\n\n* IGMPv2 JOIN packets incorrectly routed to loopback (BZ#1958339)\n\n* [CKI kernel builds]: x86 binaries in non-x86 kernel rpms breaks systemtap\n[7.9.z] (BZ#1960193)\n\n* mlx4: Fix memory allocation in mlx4_buddy_init needed (BZ#1962406)\n\n* incorrect assertion on pi_state-\u003epi_mutex.wait_lock from\npi_state_update_owner() (BZ#1965495)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1824792 - CVE-2020-11668 kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c\n1902788 - CVE-2019-20934 kernel: use-after-free in show_numa_stats function\n1961300 - CVE-2021-33033 kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c\n1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan\n1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkernel-3.10.0-1160.36.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch.rpm\nkernel-doc-3.10.0-1160.36.2.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1160.36.2.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-devel-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-headers-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1160.36.2.el7.x86_64.rpm\nperf-3.10.0-1160.36.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\npython-perf-3.10.0-1160.36.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1160.36.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkernel-3.10.0-1160.36.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch.rpm\nkernel-doc-3.10.0-1160.36.2.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1160.36.2.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-devel-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-headers-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1160.36.2.el7.x86_64.rpm\nperf-3.10.0-1160.36.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\npython-perf-3.10.0-1160.36.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1160.36.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkernel-3.10.0-1160.36.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch.rpm\nkernel-doc-3.10.0-1160.36.2.el7.noarch.rpm\n\nppc64:\nbpftool-3.10.0-1160.36.2.el7.ppc64.rpm\nbpftool-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-debug-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-devel-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-headers-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-tools-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-1160.36.2.el7.ppc64.rpm\nperf-3.10.0-1160.36.2.el7.ppc64.rpm\nperf-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm\npython-perf-3.10.0-1160.36.2.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm\n\nppc64le:\nbpftool-3.10.0-1160.36.2.el7.ppc64le.rpm\nbpftool-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-debug-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-devel-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-headers-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-tools-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-1160.36.2.el7.ppc64le.rpm\nperf-3.10.0-1160.36.2.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm\npython-perf-3.10.0-1160.36.2.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm\n\ns390x:\nbpftool-3.10.0-1160.36.2.el7.s390x.rpm\nbpftool-debuginfo-3.10.0-1160.36.2.el7.s390x.rpm\nkernel-3.10.0-1160.36.2.el7.s390x.rpm\nkernel-debug-3.10.0-1160.36.2.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-1160.36.2.el7.s390x.rpm\nkernel-debug-devel-3.10.0-1160.36.2.el7.s390x.rpm\nkernel-debuginfo-3.10.0-1160.36.2.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-1160.36.2.el7.s390x.rpm\nkernel-devel-3.10.0-1160.36.2.el7.s390x.rpm\nkernel-headers-3.10.0-1160.36.2.el7.s390x.rpm\nkernel-kdump-3.10.0-1160.36.2.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-1160.36.2.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-1160.36.2.el7.s390x.rpm\nperf-3.10.0-1160.36.2.el7.s390x.rpm\nperf-debuginfo-3.10.0-1160.36.2.el7.s390x.rpm\npython-perf-3.10.0-1160.36.2.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-1160.36.2.el7.s390x.rpm\n\nx86_64:\nbpftool-3.10.0-1160.36.2.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-devel-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-headers-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1160.36.2.el7.x86_64.rpm\nperf-3.10.0-1160.36.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\npython-perf-3.10.0-1160.36.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nbpftool-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-1160.36.2.el7.ppc64.rpm\nperf-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-1160.36.2.el7.ppc64.rpm\n\nppc64le:\nbpftool-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-1160.36.2.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-1160.36.2.el7.ppc64le.rpm\n\nx86_64:\nbpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1160.36.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkernel-3.10.0-1160.36.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch.rpm\nkernel-doc-3.10.0-1160.36.2.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1160.36.2.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-devel-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-headers-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1160.36.2.el7.x86_64.rpm\nperf-3.10.0-1160.36.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\npython-perf-3.10.0-1160.36.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1160.36.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-20934\nhttps://access.redhat.com/security/cve/CVE-2020-11668\nhttps://access.redhat.com/security/cve/CVE-2021-33033\nhttps://access.redhat.com/security/cve/CVE-2021-33034\nhttps://access.redhat.com/security/cve/CVE-2021-33909\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2021-006\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYPd0rdzjgjWX9erEAQgSLQ/9FYCaqS1w2FD8A64mwloIz/fRGh5eGMwl\n6RgXKj6wOJPaSPYl3Gk4r7hEDx1aO8jwxz5uZ8PRz1K4LFArAGLi3BBc2pCk1QA1\nSHPfNuKO8UefwGrqv7Xd6wThwwt+7D8LN2Lg+H2vUYve/NRrxQZOqH7MnQPKsVve\nufvaDQjrySGSXkiQHSSDSvlDQB3eaVRCqh10cBwWzsU/lG/JcdvbIo4Oat27S8WU\nc4VijwACg7Wn7iTYkMMR4xk0iP991QeoYkqusJByGO5K9naZsSU8LxT4i84/mbZB\nRWJULDHKPHZtfpR+Gz6AOIl7aa8vE8V90263OUWPJG/c0O6u3sWzK5YyGr0Ob82l\ngbl1BnI+W0BanwMHeiBJq7HmgFU1jYO7vu5w4mnaf9gkDgm1GOBrHaBOHg/qEXWs\nWR4UDOpnJcZAxMpVJEyk8EolSv7AlcDKTr+J9xu9vKhdbmok0VbtGhjUDXEZI7tT\n5FlrM1qfpa9S4EtiUv7hIYGFg78gVoLrXlPMxEyw9zXhYczCypNwbzWyH+O6utTG\nsaiHuayf6WTw582qITDfgI9nenIu9a6rqEu1pg5EuwoqD5ipRVAsmaFBPWdi+exa\n+I2KV777KAXM2k4XqVbmVcZ1MnvTqCoEwFLy349A3r3Y9JwDJxCu73HU5nifg4LP\nAMB5i8YI9o8=gDcx\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-33909"
},
{
"db": "VULMON",
"id": "CVE-2021-33909"
},
{
"db": "PACKETSTORM",
"id": "163671"
},
{
"db": "PACKETSTORM",
"id": "163577"
},
{
"db": "PACKETSTORM",
"id": "163580"
},
{
"db": "PACKETSTORM",
"id": "163583"
},
{
"db": "PACKETSTORM",
"id": "163584"
},
{
"db": "PACKETSTORM",
"id": "163603"
},
{
"db": "PACKETSTORM",
"id": "163606"
},
{
"db": "PACKETSTORM",
"id": "163607"
},
{
"db": "PACKETSTORM",
"id": "163608"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-33909",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "163671",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/09/21/1",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/07/20/1",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/08/25/10",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/09/17/2",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/07/22/7",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/09/17/4",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "164155",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "163621",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "165477",
"trust": 1.0
},
{
"db": "VULMON",
"id": "CVE-2021-33909",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163577",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163580",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163583",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163584",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163603",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163606",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163608",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-33909"
},
{
"db": "PACKETSTORM",
"id": "163671"
},
{
"db": "PACKETSTORM",
"id": "163577"
},
{
"db": "PACKETSTORM",
"id": "163580"
},
{
"db": "PACKETSTORM",
"id": "163583"
},
{
"db": "PACKETSTORM",
"id": "163584"
},
{
"db": "PACKETSTORM",
"id": "163603"
},
{
"db": "PACKETSTORM",
"id": "163606"
},
{
"db": "PACKETSTORM",
"id": "163607"
},
{
"db": "PACKETSTORM",
"id": "163608"
},
{
"db": "NVD",
"id": "CVE-2021-33909"
}
]
},
"id": "VAR-202107-1361",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26739928
},
"last_update_date": "2024-11-29T19:58:47.190000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Amazon Linux AMI: ALAS-2021-1524",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2021-1524"
},
{
"title": "Debian Security Advisories: DSA-4941-1 linux -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=fb9b5f5cc430f484f4420a11b7b87136"
},
{
"title": "Amazon Linux 2: ALAS2LIVEPATCH-2021-055",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2LIVEPATCH-2021-055"
},
{
"title": "Amazon Linux 2: ALAS2KERNEL-5.10-2022-003",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2KERNEL-5.10-2022-003"
},
{
"title": "Amazon Linux 2: ALAS2-2021-1691",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2021-1691"
},
{
"title": "Amazon Linux 2: ALAS2LIVEPATCH-2021-057",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2LIVEPATCH-2021-057"
},
{
"title": "Amazon Linux 2: ALAS2LIVEPATCH-2021-056",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2LIVEPATCH-2021-056"
},
{
"title": "Arch Linux Advisories: [ASA-202107-48] linux: privilege escalation",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202107-48"
},
{
"title": "Arch Linux Advisories: [ASA-202107-50] linux-hardened: privilege escalation",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202107-50"
},
{
"title": "Amazon Linux 2: ALAS2KERNEL-5.4-2022-005",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2KERNEL-5.4-2022-005"
},
{
"title": "Amazon Linux 2: ALAS2LIVEPATCH-2021-058",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2LIVEPATCH-2021-058"
},
{
"title": "Amazon Linux 2: ALAS2LIVEPATCH-2021-059",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2LIVEPATCH-2021-059"
},
{
"title": "Arch Linux Advisories: [ASA-202107-49] linux-zen: privilege escalation",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202107-49"
},
{
"title": "Arch Linux Advisories: [ASA-202107-51] linux-lts: privilege escalation",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202107-51"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2021-33909 log"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=ec6577109e640dac19a6ddb978afe82d"
},
{
"title": "LinuxVulnerabilities",
"trust": 0.1,
"url": "https://github.com/gitezri/LinuxVulnerabilities "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2021-33909 "
},
{
"title": "CVE-2021-33909",
"trust": 0.1,
"url": "https://github.com/AmIAHuman/CVE-2021-33909 "
},
{
"title": "CVE-2021-33909",
"trust": 0.1,
"url": "https://github.com/Liang2580/CVE-2021-33909 "
},
{
"title": "cve-2021-33909",
"trust": 0.1,
"url": "https://github.com/baerwolf/cve-2021-33909 "
},
{
"title": "CVE-2021-33909",
"trust": 0.1,
"url": "https://github.com/bbinfosec43/CVE-2021-33909 "
},
{
"title": "deep-directory",
"trust": 0.1,
"url": "https://github.com/sfowl/deep-directory "
},
{
"title": "integer_compilation_flags",
"trust": 0.1,
"url": "https://github.com/mdulin2/integer_compilation_flags "
},
{
"title": "CVE-2021-33909",
"trust": 0.1,
"url": "https://github.com/AlAIAL90/CVE-2021-33909 "
},
{
"title": "CVE-2021-33909",
"trust": 0.1,
"url": "https://github.com/ChrisTheCoolHut/CVE-2021-33909 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/knewbury01/codeql-workshop-integer-conversion "
},
{
"title": "kickstart-rhel8",
"trust": 0.1,
"url": "https://github.com/alexhaydock/kickstart-rhel8 "
},
{
"title": "exploit_articles",
"trust": 0.1,
"url": "https://github.com/ChoKyuWon/exploit_articles "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hardenedvault/ved "
},
{
"title": "SVG-advisories",
"trust": 0.1,
"url": "https://github.com/EGI-Federation/SVG-advisories "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/makoto56/penetration-suite-toolkit "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-33909"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-190",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-33909"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/163621/sequoia-a-deep-root-in-linuxs-filesystem-layer.html"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/163671/kernel-live-patch-security-notice-lsn-0079-1.html"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/164155/kernel-live-patch-security-notice-lsn-0081-1.html"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/165477/kernel-live-patch-security-notice-lsn-0083-1.html"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2021/07/22/7"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2021/08/25/10"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2021/09/17/2"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2021/09/17/4"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2021/09/21/1"
},
{
"trust": 1.0,
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/changelog-5.13.4"
},
{
"trust": 1.0,
"url": "https://github.com/torvalds/linux/commit/8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00014.html"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00015.html"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00016.html"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/z4uhhigiso3fvrf4cqnjs4ika25atsfu/"
},
{
"trust": 1.0,
"url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2022-0015"
},
{
"trust": 1.0,
"url": "https://security.netapp.com/advisory/ntap-20210819-0004/"
},
{
"trust": 1.0,
"url": "https://www.debian.org/security/2021/dsa-4941"
},
{
"trust": 1.0,
"url": "https://www.openwall.com/lists/oss-security/2021/07/20/1"
},
{
"trust": 1.0,
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33909"
},
{
"trust": 0.8,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2021-33909"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-006"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33034"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2021-33034"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3347"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3347"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20934"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-33033"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11668"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20934"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-11668"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33033"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3600"
},
{
"trust": 0.1,
"url": "https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2733"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2732"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-28374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-28374"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2730"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35508"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25704"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-26541"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35508"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25704"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32399"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-32399"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2716"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2728"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2726"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2725"
}
],
"sources": [
{
"db": "PACKETSTORM",
"id": "163671"
},
{
"db": "PACKETSTORM",
"id": "163577"
},
{
"db": "PACKETSTORM",
"id": "163580"
},
{
"db": "PACKETSTORM",
"id": "163583"
},
{
"db": "PACKETSTORM",
"id": "163584"
},
{
"db": "PACKETSTORM",
"id": "163603"
},
{
"db": "PACKETSTORM",
"id": "163606"
},
{
"db": "PACKETSTORM",
"id": "163607"
},
{
"db": "PACKETSTORM",
"id": "163608"
},
{
"db": "NVD",
"id": "CVE-2021-33909"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-33909"
},
{
"db": "PACKETSTORM",
"id": "163671"
},
{
"db": "PACKETSTORM",
"id": "163577"
},
{
"db": "PACKETSTORM",
"id": "163580"
},
{
"db": "PACKETSTORM",
"id": "163583"
},
{
"db": "PACKETSTORM",
"id": "163584"
},
{
"db": "PACKETSTORM",
"id": "163603"
},
{
"db": "PACKETSTORM",
"id": "163606"
},
{
"db": "PACKETSTORM",
"id": "163607"
},
{
"db": "PACKETSTORM",
"id": "163608"
},
{
"db": "NVD",
"id": "CVE-2021-33909"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-20T00:00:00",
"db": "VULMON",
"id": "CVE-2021-33909"
},
{
"date": "2021-07-26T15:52:13",
"db": "PACKETSTORM",
"id": "163671"
},
{
"date": "2021-07-21T16:01:56",
"db": "PACKETSTORM",
"id": "163577"
},
{
"date": "2021-07-21T16:02:21",
"db": "PACKETSTORM",
"id": "163580"
},
{
"date": "2021-07-21T16:02:44",
"db": "PACKETSTORM",
"id": "163583"
},
{
"date": "2021-07-21T16:02:50",
"db": "PACKETSTORM",
"id": "163584"
},
{
"date": "2021-07-21T16:05:14",
"db": "PACKETSTORM",
"id": "163603"
},
{
"date": "2021-07-21T16:05:35",
"db": "PACKETSTORM",
"id": "163606"
},
{
"date": "2021-07-21T16:05:44",
"db": "PACKETSTORM",
"id": "163607"
},
{
"date": "2021-07-21T16:06:02",
"db": "PACKETSTORM",
"id": "163608"
},
{
"date": "2021-07-20T19:15:09.747000",
"db": "NVD",
"id": "CVE-2021-33909"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2021-33909"
},
{
"date": "2023-11-07T03:35:56.050000",
"db": "NVD",
"id": "CVE-2021-33909"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "163671"
}
],
"trust": 0.1
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kernel Live Patch Security Notice LSN-0079-1",
"sources": [
{
"db": "PACKETSTORM",
"id": "163671"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "arbitrary",
"sources": [
{
"db": "PACKETSTORM",
"id": "163671"
}
],
"trust": 0.1
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.