VAR-202107-1361
Vulnerability from variot - Updated: 2026-03-09 20:45fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. 6 ELS) - i386, s390x, x86_64
-
8) - x86_64
-
Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Bug Fix(es):
-
kernel-rt: update RT source tree to the RHEL-8.4.z2 source tree (BZ#1975405)
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2021:2730-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2730 Issue date: 2021-07-20 CVE Names: CVE-2021-3347 CVE-2021-33034 CVE-2021-33909 ==================================================================== 1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.6) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.6) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.6) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.6) - noarch, x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)
-
kernel: Use after free via PI futex state (CVE-2021-3347)
-
kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
[CKI kernel builds]: x86 binaries in non-x86 kernel rpms breaks systemtap [7.9.z] (BZ#1975159)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1922249 - CVE-2021-3347 kernel: Use after free via PI futex state 1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan 1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.6):
Source: kernel-3.10.0-957.78.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm kernel-doc-3.10.0-957.78.2.el7.noarch.rpm
x86_64: bpftool-3.10.0-957.78.2.el7.x86_64.rpm kernel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-headers-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm perf-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.6):
Source: kernel-3.10.0-957.78.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm kernel-doc-3.10.0-957.78.2.el7.noarch.rpm
ppc64le: kernel-3.10.0-957.78.2.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debug-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-957.78.2.el7.ppc64le.rpm kernel-devel-3.10.0-957.78.2.el7.ppc64le.rpm kernel-headers-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-libs-3.10.0-957.78.2.el7.ppc64le.rpm perf-3.10.0-957.78.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm python-perf-3.10.0-957.78.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm
x86_64: kernel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-headers-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm perf-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.6):
Source: kernel-3.10.0-957.78.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm kernel-doc-3.10.0-957.78.2.el7.noarch.rpm
x86_64: bpftool-3.10.0-957.78.2.el7.x86_64.rpm kernel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-headers-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm perf-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.6):
x86_64: kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.6):
ppc64le: kernel-debug-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debug-devel-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-957.78.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm
x86_64: kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.6):
x86_64: kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-3347 https://access.redhat.com/security/cve/CVE-2021-33034 https://access.redhat.com/security/cve/CVE-2021-33909 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYPc/p9zjgjWX9erEAQiGYQ/6Apfv6Vn+s1cJsOrv5bpIB+TZWR8Dw4w6 7q5tqmrA0W38qvq7EWqVwAZMtmF2YXIcuP8i8zELAPG/Y1oMax3Piy5nxc4OR55i 8H9pc0lGZn9UJtryWMPaJRqvWGF1WhE/vGPUkHhI3CmoSVDN3B3OqfC04oeVa/Gt f9wikugrLvXoD+YsJk1LAn0tJ+xGrcbMRvwxvvtvwRsje2cGPU6OAEWQr1ZKyNZc Fwi6jLUve8d3wxE6+C6IocTYMcZcw2e2U4KOwE/ONXjjNgbwV+deQU16HJk4BjcA rDqtVUWzNGXzONh6Ua4yEisVe8LdhPNoZaciNx56lKpOs8Vbv58w29edfR1zf0fW c1gH+0S19jDSwsESNSKJth5A/GY0zxsUeh5qDjoFUF1AH6IuZNmPb3VGcl5klKuo outLUo2jeIRiBiZaNSVe32nbWCEkAoFF5WrvfHYmi+i9U45gLvUG2N58ZtOQiQkb potW9xF7f15Mm1Xm9TOIaNy+ykh7TJRxKnQSaAk/jnzTLp3XeVNmPTztx7zA4Z50 bgM/MQWB9j7NMjwEopdbS4lxJsvaXerwXPT+1WDAzBZ5clOKyB5hTxTTBOrsErzs O+wKRVu9eU4FMR6ULeL+pLCZPm0eVlu9jBuySEUI05/FkAVu/YUDrgXvMiy6XknI ziN+XVubHjk=1ifB -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 7) - ppc64le, x86_64
- Description:
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. ========================================================================= Ubuntu Security Notice USN-5016-1 July 20, 2021
linux, linux-aws, linux-aws-5.8, linux-azure, linux-azure-5.8, linux-gcp, linux-gcp-5.8, linux-hwe-5.8, linux-kvm, linux-oracle, linux-oracle-5.8, linux-raspi vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.10
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-33909)
Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23134)
It was discovered that a race condition in the kernel Bluetooth subsystem could lead to use-after-free of slab objects. An attacker could use this issue to possibly execute arbitrary code. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33034)
It was discovered that an out-of-bounds (OOB) memory access flaw existed in the f2fs module of the Linux kernel. A local attacker could use this issue to cause a denial of service (system crash). (CVE-2021-3506)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.10: linux-image-5.8.0-1032-raspi 5.8.0-1032.35 linux-image-5.8.0-1032-raspi-nolpae 5.8.0-1032.35 linux-image-5.8.0-1033-kvm 5.8.0-1033.36 linux-image-5.8.0-1037-oracle 5.8.0-1037.38 linux-image-5.8.0-1038-gcp 5.8.0-1038.40 linux-image-5.8.0-1039-azure 5.8.0-1039.42 linux-image-5.8.0-1041-aws 5.8.0-1041.43 linux-image-5.8.0-63-generic 5.8.0-63.71 linux-image-5.8.0-63-generic-64k 5.8.0-63.71 linux-image-5.8.0-63-generic-lpae 5.8.0-63.71 linux-image-5.8.0-63-lowlatency 5.8.0-63.71 linux-image-aws 5.8.0.1041.43 linux-image-azure 5.8.0.1039.40 linux-image-gcp 5.8.0.1038.38 linux-image-generic 5.8.0.63.69 linux-image-generic-64k 5.8.0.63.69 linux-image-generic-lpae 5.8.0.63.69 linux-image-gke 5.8.0.1038.38 linux-image-kvm 5.8.0.1033.36 linux-image-lowlatency 5.8.0.63.69 linux-image-oem-20.04 5.8.0.63.69 linux-image-oracle 5.8.0.1037.36 linux-image-raspi 5.8.0.1032.34 linux-image-raspi-nolpae 5.8.0.1032.34 linux-image-virtual 5.8.0.63.69
Ubuntu 20.04 LTS: linux-image-5.8.0-1037-oracle 5.8.0-1037.38~20.04.1 linux-image-5.8.0-1038-gcp 5.8.0-1038.40~20.04.1 linux-image-5.8.0-1039-azure 5.8.0-1039.42~20.04.1 linux-image-5.8.0-1041-aws 5.8.0-1041.43~20.04.1 linux-image-5.8.0-63-generic 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-generic-64k 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-generic-lpae 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-lowlatency 5.8.0-63.71~20.04.1 linux-image-aws 5.8.0.1041.43~20.04.13 linux-image-azure 5.8.0.1039.42~20.04.11 linux-image-gcp 5.8.0.1038.40~20.04.13 linux-image-generic-64k-hwe-20.04 5.8.0.63.71~20.04.45 linux-image-generic-hwe-20.04 5.8.0.63.71~20.04.45 linux-image-generic-lpae-hwe-20.04 5.8.0.63.71~20.04.45 linux-image-lowlatency-hwe-20.04 5.8.0.63.71~20.04.45 linux-image-oracle 5.8.0.1037.38~20.04.13 linux-image-virtual-hwe-20.04 5.8.0.63.71~20.04.45
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. An attacker in a guest VM could use this to write to portions of the host’s physical memory. (CVE-2021-3653)
Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host’s physical memory. (CVE-2021-22555)
It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. If you are running a kernel version earlier than the one listed below, please upgrade your kernel as soon as possible
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.20"
},
{
"_id": null,
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.5"
},
{
"_id": null,
"model": "communications session border controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "9.0"
},
{
"_id": null,
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.5"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"_id": null,
"model": "solidfire",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.16"
},
{
"_id": null,
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.10"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"_id": null,
"model": "communications session border controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.4"
},
{
"_id": null,
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.12.43"
},
{
"_id": null,
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.9.276"
},
{
"_id": null,
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.14.240"
},
{
"_id": null,
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.4.134"
},
{
"_id": null,
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.11"
},
{
"_id": null,
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.13"
},
{
"_id": null,
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.12.19"
},
{
"_id": null,
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.13.4"
},
{
"_id": null,
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.4.276"
},
{
"_id": null,
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.15"
},
{
"_id": null,
"model": "hci management node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"_id": null,
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.13"
},
{
"_id": null,
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.10.52"
},
{
"_id": null,
"model": "communications session border controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.3"
},
{
"_id": null,
"model": "communications session border controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.2"
},
{
"_id": null,
"model": "sma1000",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "12.4.2-02044"
},
{
"_id": null,
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.19.198"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-33909"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "163578"
},
{
"db": "PACKETSTORM",
"id": "163579"
},
{
"db": "PACKETSTORM",
"id": "163583"
},
{
"db": "PACKETSTORM",
"id": "163594"
},
{
"db": "PACKETSTORM",
"id": "163602"
},
{
"db": "PACKETSTORM",
"id": "163603"
},
{
"db": "PACKETSTORM",
"id": "163607"
}
],
"trust": 0.7
},
"cve": "CVE-2021-33909",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-33909",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2021-33909",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-33909",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-33909",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-33909"
},
{
"db": "NVD",
"id": "CVE-2021-33909"
}
]
},
"description": {
"_id": null,
"data": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. 6 ELS) - i386, s390x, x86_64\n\n3. 8) - x86_64\n\n3. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. \n\nBug Fix(es):\n\n* kernel-rt: update RT source tree to the RHEL-8.4.z2 source tree\n(BZ#1975405)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2021:2730-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:2730\nIssue date: 2021-07-20\nCVE Names: CVE-2021-3347 CVE-2021-33034 CVE-2021-33909\n====================================================================\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.6\nAdvanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.6 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.6) - noarch, x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.6) - noarch, ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.6) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.6) - noarch, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* kernel: size_t-to-int conversion vulnerability in the filesystem layer\n(CVE-2021-33909)\n\n* kernel: Use after free via PI futex state (CVE-2021-3347)\n\n* kernel: use-after-free in net/bluetooth/hci_event.c when destroying an\nhci_chan (CVE-2021-33034)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* [CKI kernel builds]: x86 binaries in non-x86 kernel rpms breaks systemtap\n[7.9.z] (BZ#1975159)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1922249 - CVE-2021-3347 kernel: Use after free via PI futex state\n1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan\n1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.6):\n\nSource:\nkernel-3.10.0-957.78.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm\nkernel-doc-3.10.0-957.78.2.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debug-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-devel-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-headers-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm\nperf-3.10.0-957.78.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\npython-perf-3.10.0-957.78.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.6):\n\nSource:\nkernel-3.10.0-957.78.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm\nkernel-doc-3.10.0-957.78.2.el7.noarch.rpm\n\nppc64le:\nkernel-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-debug-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-devel-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-headers-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-tools-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-957.78.2.el7.ppc64le.rpm\nperf-3.10.0-957.78.2.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm\npython-perf-3.10.0-957.78.2.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm\n\nx86_64:\nkernel-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debug-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-devel-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-headers-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm\nperf-3.10.0-957.78.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\npython-perf-3.10.0-957.78.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.6):\n\nSource:\nkernel-3.10.0-957.78.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm\nkernel-doc-3.10.0-957.78.2.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debug-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-devel-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-headers-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm\nperf-3.10.0-957.78.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\npython-perf-3.10.0-957.78.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.6):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.6):\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-957.78.2.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.6):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-3347\nhttps://access.redhat.com/security/cve/CVE-2021-33034\nhttps://access.redhat.com/security/cve/CVE-2021-33909\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2021-006\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYPc/p9zjgjWX9erEAQiGYQ/6Apfv6Vn+s1cJsOrv5bpIB+TZWR8Dw4w6\n7q5tqmrA0W38qvq7EWqVwAZMtmF2YXIcuP8i8zELAPG/Y1oMax3Piy5nxc4OR55i\n8H9pc0lGZn9UJtryWMPaJRqvWGF1WhE/vGPUkHhI3CmoSVDN3B3OqfC04oeVa/Gt\nf9wikugrLvXoD+YsJk1LAn0tJ+xGrcbMRvwxvvtvwRsje2cGPU6OAEWQr1ZKyNZc\nFwi6jLUve8d3wxE6+C6IocTYMcZcw2e2U4KOwE/ONXjjNgbwV+deQU16HJk4BjcA\nrDqtVUWzNGXzONh6Ua4yEisVe8LdhPNoZaciNx56lKpOs8Vbv58w29edfR1zf0fW\nc1gH+0S19jDSwsESNSKJth5A/GY0zxsUeh5qDjoFUF1AH6IuZNmPb3VGcl5klKuo\noutLUo2jeIRiBiZaNSVe32nbWCEkAoFF5WrvfHYmi+i9U45gLvUG2N58ZtOQiQkb\npotW9xF7f15Mm1Xm9TOIaNy+ykh7TJRxKnQSaAk/jnzTLp3XeVNmPTztx7zA4Z50\nbgM/MQWB9j7NMjwEopdbS4lxJsvaXerwXPT+1WDAzBZ5clOKyB5hTxTTBOrsErzs\nO+wKRVu9eU4FMR6ULeL+pLCZPm0eVlu9jBuySEUI05/FkAVu/YUDrgXvMiy6XknI\nziN+XVubHjk=1ifB\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. 7) - ppc64le, x86_64\n\n3. Description:\n\nThis is a kernel live patch module which is automatically loaded by the RPM\npost-install script to modify the code of a running kernel. =========================================================================\nUbuntu Security Notice USN-5016-1\nJuly 20, 2021\n\nlinux, linux-aws, linux-aws-5.8, linux-azure, linux-azure-5.8, linux-gcp,\nlinux-gcp-5.8, linux-hwe-5.8, linux-kvm, linux-oracle, linux-oracle-5.8,\nlinux-raspi vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.10\n- Ubuntu 20.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. A local\nattacker could use this to cause a denial of service (system crash) or\nexecute arbitrary code. (CVE-2021-33909)\n\nOr Cohen and Nadav Markus discovered a use-after-free vulnerability in the\nnfc implementation in the Linux kernel. A privileged local attacker could\nuse this issue to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2021-23134)\n\nIt was discovered that a race condition in the kernel Bluetooth subsystem\ncould lead to use-after-free of slab objects. An attacker could use this\nissue to possibly execute arbitrary code. A local attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2021-33034)\n\nIt was discovered that an out-of-bounds (OOB) memory access flaw existed in\nthe f2fs module of the Linux kernel. A local attacker could use this issue\nto cause a denial of service (system crash). (CVE-2021-3506)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.10:\n linux-image-5.8.0-1032-raspi 5.8.0-1032.35\n linux-image-5.8.0-1032-raspi-nolpae 5.8.0-1032.35\n linux-image-5.8.0-1033-kvm 5.8.0-1033.36\n linux-image-5.8.0-1037-oracle 5.8.0-1037.38\n linux-image-5.8.0-1038-gcp 5.8.0-1038.40\n linux-image-5.8.0-1039-azure 5.8.0-1039.42\n linux-image-5.8.0-1041-aws 5.8.0-1041.43\n linux-image-5.8.0-63-generic 5.8.0-63.71\n linux-image-5.8.0-63-generic-64k 5.8.0-63.71\n linux-image-5.8.0-63-generic-lpae 5.8.0-63.71\n linux-image-5.8.0-63-lowlatency 5.8.0-63.71\n linux-image-aws 5.8.0.1041.43\n linux-image-azure 5.8.0.1039.40\n linux-image-gcp 5.8.0.1038.38\n linux-image-generic 5.8.0.63.69\n linux-image-generic-64k 5.8.0.63.69\n linux-image-generic-lpae 5.8.0.63.69\n linux-image-gke 5.8.0.1038.38\n linux-image-kvm 5.8.0.1033.36\n linux-image-lowlatency 5.8.0.63.69\n linux-image-oem-20.04 5.8.0.63.69\n linux-image-oracle 5.8.0.1037.36\n linux-image-raspi 5.8.0.1032.34\n linux-image-raspi-nolpae 5.8.0.1032.34\n linux-image-virtual 5.8.0.63.69\n\nUbuntu 20.04 LTS:\n linux-image-5.8.0-1037-oracle 5.8.0-1037.38~20.04.1\n linux-image-5.8.0-1038-gcp 5.8.0-1038.40~20.04.1\n linux-image-5.8.0-1039-azure 5.8.0-1039.42~20.04.1\n linux-image-5.8.0-1041-aws 5.8.0-1041.43~20.04.1\n linux-image-5.8.0-63-generic 5.8.0-63.71~20.04.1\n linux-image-5.8.0-63-generic-64k 5.8.0-63.71~20.04.1\n linux-image-5.8.0-63-generic-lpae 5.8.0-63.71~20.04.1\n linux-image-5.8.0-63-lowlatency 5.8.0-63.71~20.04.1\n linux-image-aws 5.8.0.1041.43~20.04.13\n linux-image-azure 5.8.0.1039.42~20.04.11\n linux-image-gcp 5.8.0.1038.40~20.04.13\n linux-image-generic-64k-hwe-20.04 5.8.0.63.71~20.04.45\n linux-image-generic-hwe-20.04 5.8.0.63.71~20.04.45\n linux-image-generic-lpae-hwe-20.04 5.8.0.63.71~20.04.45\n linux-image-lowlatency-hwe-20.04 5.8.0.63.71~20.04.45\n linux-image-oracle 5.8.0.1037.38~20.04.13\n linux-image-virtual-hwe-20.04 5.8.0.63.71~20.04.45\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. An attacker in a guest VM could use\nthis to write to portions of the host\u2019s physical memory. (CVE-2021-3653)\n\nMaxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor\nimplementation for AMD processors in the Linux kernel allowed a guest VM\nto disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker\nin a guest VM could use this to read or write portions of the host\u2019s\nphysical memory. (CVE-2021-22555)\n\nIt was discovered that the virtual file system implementation in the\nLinux kernel contained an unsigned to signed integer conversion error. If you are running a kernel version earlier than the one listed\nbelow, please upgrade your kernel as soon as possible",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-33909"
},
{
"db": "VULMON",
"id": "CVE-2021-33909"
},
{
"db": "PACKETSTORM",
"id": "163578"
},
{
"db": "PACKETSTORM",
"id": "163579"
},
{
"db": "PACKETSTORM",
"id": "163583"
},
{
"db": "PACKETSTORM",
"id": "163594"
},
{
"db": "PACKETSTORM",
"id": "163597"
},
{
"db": "PACKETSTORM",
"id": "163602"
},
{
"db": "PACKETSTORM",
"id": "163603"
},
{
"db": "PACKETSTORM",
"id": "163607"
},
{
"db": "PACKETSTORM",
"id": "164155"
}
],
"trust": 1.8
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2021-33909",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "164155",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/09/21/1",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/07/20/1",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/08/25/10",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/09/17/2",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/07/22/7",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/09/17/4",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "163621",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "163671",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "165477",
"trust": 1.0
},
{
"db": "VULMON",
"id": "CVE-2021-33909",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163578",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163579",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163583",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163594",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163597",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163602",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163603",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-33909"
},
{
"db": "PACKETSTORM",
"id": "163578"
},
{
"db": "PACKETSTORM",
"id": "163579"
},
{
"db": "PACKETSTORM",
"id": "163583"
},
{
"db": "PACKETSTORM",
"id": "163594"
},
{
"db": "PACKETSTORM",
"id": "163597"
},
{
"db": "PACKETSTORM",
"id": "163602"
},
{
"db": "PACKETSTORM",
"id": "163603"
},
{
"db": "PACKETSTORM",
"id": "163607"
},
{
"db": "PACKETSTORM",
"id": "164155"
},
{
"db": "NVD",
"id": "CVE-2021-33909"
}
]
},
"id": "VAR-202107-1361",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26739928
},
"last_update_date": "2026-03-09T20:45:16.848000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Amazon Linux AMI: ALAS-2021-1524",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2021-1524"
},
{
"title": "Debian Security Advisories: DSA-4941-1 linux -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=fb9b5f5cc430f484f4420a11b7b87136"
},
{
"title": "Amazon Linux 2: ALAS2LIVEPATCH-2021-055",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2LIVEPATCH-2021-055"
},
{
"title": "Amazon Linux 2: ALAS2KERNEL-5.10-2022-003",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2KERNEL-5.10-2022-003"
},
{
"title": "Amazon Linux 2: ALAS2-2021-1691",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2021-1691"
},
{
"title": "Amazon Linux 2: ALAS2LIVEPATCH-2021-057",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2LIVEPATCH-2021-057"
},
{
"title": "Amazon Linux 2: ALAS2LIVEPATCH-2021-056",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2LIVEPATCH-2021-056"
},
{
"title": "Arch Linux Advisories: [ASA-202107-48] linux: privilege escalation",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202107-48"
},
{
"title": "Arch Linux Advisories: [ASA-202107-50] linux-hardened: privilege escalation",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202107-50"
},
{
"title": "Amazon Linux 2: ALAS2KERNEL-5.4-2022-005",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2KERNEL-5.4-2022-005"
},
{
"title": "Amazon Linux 2: ALAS2LIVEPATCH-2021-058",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2LIVEPATCH-2021-058"
},
{
"title": "Amazon Linux 2: ALAS2LIVEPATCH-2021-059",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2LIVEPATCH-2021-059"
},
{
"title": "Arch Linux Advisories: [ASA-202107-49] linux-zen: privilege escalation",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202107-49"
},
{
"title": "Arch Linux Advisories: [ASA-202107-51] linux-lts: privilege escalation",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202107-51"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2021-33909 log"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=ec6577109e640dac19a6ddb978afe82d"
},
{
"title": "LinuxVulnerabilities",
"trust": 0.1,
"url": "https://github.com/gitezri/LinuxVulnerabilities "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2021-33909 "
},
{
"title": "CVE-2021-33909",
"trust": 0.1,
"url": "https://github.com/AmIAHuman/CVE-2021-33909 "
},
{
"title": "CVE-2021-33909",
"trust": 0.1,
"url": "https://github.com/Liang2580/CVE-2021-33909 "
},
{
"title": "cve-2021-33909",
"trust": 0.1,
"url": "https://github.com/baerwolf/cve-2021-33909 "
},
{
"title": "CVE-2021-33909",
"trust": 0.1,
"url": "https://github.com/bbinfosec43/CVE-2021-33909 "
},
{
"title": "deep-directory",
"trust": 0.1,
"url": "https://github.com/sfowl/deep-directory "
},
{
"title": "integer_compilation_flags",
"trust": 0.1,
"url": "https://github.com/mdulin2/integer_compilation_flags "
},
{
"title": "CVE-2021-33909",
"trust": 0.1,
"url": "https://github.com/AlAIAL90/CVE-2021-33909 "
},
{
"title": "CVE-2021-33909",
"trust": 0.1,
"url": "https://github.com/ChrisTheCoolHut/CVE-2021-33909 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/knewbury01/codeql-workshop-integer-conversion "
},
{
"title": "kickstart-rhel8",
"trust": 0.1,
"url": "https://github.com/alexhaydock/kickstart-rhel8 "
},
{
"title": "exploit_articles",
"trust": 0.1,
"url": "https://github.com/ChoKyuWon/exploit_articles "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hardenedvault/ved "
},
{
"title": "SVG-advisories",
"trust": 0.1,
"url": "https://github.com/EGI-Federation/SVG-advisories "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/makoto56/penetration-suite-toolkit "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-33909"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-190",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-33909"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/163621/sequoia-a-deep-root-in-linuxs-filesystem-layer.html"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/163671/kernel-live-patch-security-notice-lsn-0079-1.html"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/164155/kernel-live-patch-security-notice-lsn-0081-1.html"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/165477/kernel-live-patch-security-notice-lsn-0083-1.html"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2021/07/22/7"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2021/08/25/10"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2021/09/17/2"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2021/09/17/4"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2021/09/21/1"
},
{
"trust": 1.0,
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/changelog-5.13.4"
},
{
"trust": 1.0,
"url": "https://github.com/torvalds/linux/commit/8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00014.html"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00015.html"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00016.html"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/z4uhhigiso3fvrf4cqnjs4ika25atsfu/"
},
{
"trust": 1.0,
"url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2022-0015"
},
{
"trust": 1.0,
"url": "https://security.netapp.com/advisory/ntap-20210819-0004/"
},
{
"trust": 1.0,
"url": "https://www.debian.org/security/2021/dsa-4941"
},
{
"trust": 1.0,
"url": "https://www.openwall.com/lists/oss-security/2021/07/20/1"
},
{
"trust": 1.0,
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33909"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2021-33909"
},
{
"trust": 0.7,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-006"
},
{
"trust": 0.7,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33034"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-33034"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32399"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3347"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3347"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-32399"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2735"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12362"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12362"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2715"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2730"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2727"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe-5.8/5.8.0-63.71~20.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23134"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1041.43"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/5.8.0-1038.40"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5016-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws-5.8/5.8.0-1041.43~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/5.8.0-63.71"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle-5.8/5.8.0-1037.38~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1039.42"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi/5.8.0-1032.35"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3506"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle/5.8.0-1037.38"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure-5.8/5.8.0-1039.42~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/5.8.0-1033.36"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp-5.8/5.8.0-1038.40~20.04.1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2720"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2716"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2726"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20934"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33033"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11668"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20934"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11668"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33033"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22555"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3653"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3656"
},
{
"trust": 0.1,
"url": "https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce"
}
],
"sources": [
{
"db": "PACKETSTORM",
"id": "163578"
},
{
"db": "PACKETSTORM",
"id": "163579"
},
{
"db": "PACKETSTORM",
"id": "163583"
},
{
"db": "PACKETSTORM",
"id": "163594"
},
{
"db": "PACKETSTORM",
"id": "163597"
},
{
"db": "PACKETSTORM",
"id": "163602"
},
{
"db": "PACKETSTORM",
"id": "163603"
},
{
"db": "PACKETSTORM",
"id": "163607"
},
{
"db": "PACKETSTORM",
"id": "164155"
},
{
"db": "NVD",
"id": "CVE-2021-33909"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULMON",
"id": "CVE-2021-33909",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "163578",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "163579",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "163583",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "163594",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "163597",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "163602",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "163603",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "163607",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "164155",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2021-33909",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2021-07-20T00:00:00",
"db": "VULMON",
"id": "CVE-2021-33909",
"ident": null
},
{
"date": "2021-07-21T16:02:03",
"db": "PACKETSTORM",
"id": "163578",
"ident": null
},
{
"date": "2021-07-21T16:02:11",
"db": "PACKETSTORM",
"id": "163579",
"ident": null
},
{
"date": "2021-07-21T16:02:44",
"db": "PACKETSTORM",
"id": "163583",
"ident": null
},
{
"date": "2021-07-21T16:04:11",
"db": "PACKETSTORM",
"id": "163594",
"ident": null
},
{
"date": "2021-07-21T16:04:29",
"db": "PACKETSTORM",
"id": "163597",
"ident": null
},
{
"date": "2021-07-21T16:05:06",
"db": "PACKETSTORM",
"id": "163602",
"ident": null
},
{
"date": "2021-07-21T16:05:14",
"db": "PACKETSTORM",
"id": "163603",
"ident": null
},
{
"date": "2021-07-21T16:05:44",
"db": "PACKETSTORM",
"id": "163607",
"ident": null
},
{
"date": "2021-09-14T16:28:49",
"db": "PACKETSTORM",
"id": "164155",
"ident": null
},
{
"date": "2021-07-20T19:15:09.747000",
"db": "NVD",
"id": "CVE-2021-33909",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2021-33909",
"ident": null
},
{
"date": "2023-11-07T03:35:56.050000",
"db": "NVD",
"id": "CVE-2021-33909",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "163597"
}
],
"trust": 0.1
},
"title": {
"_id": null,
"data": "Red Hat Security Advisory 2021-2735-01",
"sources": [
{
"db": "PACKETSTORM",
"id": "163578"
}
],
"trust": 0.1
},
"type": {
"_id": null,
"data": "overflow",
"sources": [
{
"db": "PACKETSTORM",
"id": "163578"
}
],
"trust": 0.1
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.