fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
AND |
|
History
21 Nov 2024, 06:09
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html - Exploit, Third Party Advisory, VDB Entry | |
References | () http://packetstormsecurity.com/files/163671/Kernel-Live-Patch-Security-Notice-LSN-0079-1.html - Third Party Advisory, VDB Entry | |
References | () http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html - Third Party Advisory, VDB Entry | |
References | () http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html - Third Party Advisory, VDB Entry | |
References | () http://www.openwall.com/lists/oss-security/2021/07/22/7 - Mailing List, Third Party Advisory | |
References | () http://www.openwall.com/lists/oss-security/2021/08/25/10 - Mailing List, Third Party Advisory | |
References | () http://www.openwall.com/lists/oss-security/2021/09/17/2 - Mailing List, Third Party Advisory | |
References | () http://www.openwall.com/lists/oss-security/2021/09/17/4 - Mailing List, Third Party Advisory | |
References | () http://www.openwall.com/lists/oss-security/2021/09/21/1 - Mailing List, Third Party Advisory | |
References | () https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4 - Mailing List, Patch, Vendor Advisory | |
References | () https://github.com/torvalds/linux/commit/8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b - Patch, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2021/07/msg00014.html - Mailing List, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2021/07/msg00015.html - Mailing List, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2021/07/msg00016.html - Mailing List, Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4UHHIGISO3FVRF4CQNJS4IKA25ATSFU/ - | |
References | () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015 - Third Party Advisory | |
References | () https://security.netapp.com/advisory/ntap-20210819-0004/ - Third Party Advisory | |
References | () https://www.debian.org/security/2021/dsa-4941 - Third Party Advisory | |
References | () https://www.openwall.com/lists/oss-security/2021/07/20/1 - Exploit, Mailing List, Third Party Advisory | |
References | () https://www.oracle.com/security-alerts/cpujan2022.html - Patch, Third Party Advisory |
07 Nov 2023, 03:35
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2021-07-20 19:15
Updated : 2024-11-21 06:09
NVD link : CVE-2021-33909
Mitre link : CVE-2021-33909
CVE.ORG link : CVE-2021-33909
JSON object : View
Products Affected
sonicwall
- sma1000
- sma1000_firmware
netapp
- hci_management_node
- solidfire
linux
- linux_kernel
oracle
- communications_session_border_controller
debian
- debian_linux
fedoraproject
- fedora