CVE-2021-4204

An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.8.0:-:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:37

Type Values Removed Values Added
References () https://access.redhat.com/security/cve/CVE-2021-4204 - Mitigation, Third Party Advisory () https://access.redhat.com/security/cve/CVE-2021-4204 - Mitigation, Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2039178 - Issue Tracking, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=2039178 - Issue Tracking, Third Party Advisory
References () https://security-tracker.debian.org/tracker/CVE-2021-4204 - Third Party Advisory () https://security-tracker.debian.org/tracker/CVE-2021-4204 - Third Party Advisory
References () https://security.netapp.com/advisory/ntap-20221228-0003/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20221228-0003/ - Third Party Advisory
References () https://www.openwall.com/lists/oss-security/2022/01/11/4 - Mailing List, Patch, Third Party Advisory () https://www.openwall.com/lists/oss-security/2022/01/11/4 - Mailing List, Patch, Third Party Advisory

18 Jul 2023, 13:52

Type Values Removed Values Added
CWE CWE-20 CWE-119

Information

Published : 2022-08-24 16:15

Updated : 2024-11-21 06:37


NVD link : CVE-2021-4204

Mitre link : CVE-2021-4204

CVE.ORG link : CVE-2021-4204


JSON object : View

Products Affected

netapp

  • h700s
  • h300s
  • h300s_firmware
  • h410s_firmware
  • h410c_firmware
  • h500s
  • h410c
  • h700s_firmware
  • h410s
  • h500s_firmware

redhat

  • enterprise_linux

linux

  • linux_kernel

debian

  • debian_linux
CWE
CWE-20

Improper Input Validation

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer