Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2021-3483

Published: 17/05/2021 Updated: 13/05/2022
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Linux

Vulnerability Summary

It exists that the aufs file system in the Linux kernel did not properly maintain POSIX ACL xattr data, when mounted with the non-default allow_userns option. A local attacker could possibly use this to gain elevated privileges. (CVE-2016-2854) ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel 5.12

linux linux kernel

debian debian linux 9.0

netapp cloud backup -

netapp h300s_firmware -

netapp h500s_firmware -

netapp h700s_firmware -

netapp h300e_firmware -

netapp h500e_firmware -

netapp h700e_firmware -

netapp h410s_firmware -

netapp h410c_firmware -

Vendor Advisories

Ubuntu Security Notice: USN-5343-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5299-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Amazon Linux 2: ALAS2-2021-1627
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_bufferc in the Linux kernel before 539 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41 (CVE-2019-19060) A bypass was found for the Spectre v1 hardening in the eBPF engine of the Linux kernel The code in the kernel/bpf/verifier ...
Red Hat: CVE-2021-3483
No description is available for this CVE ...
Arch Linux Issues:
A security issue has been found in the Linux kernel in Linux/drivers/firewire/nosyc Nosy is an IEEE 1394 packet sniffer which is used for protocol analysis and in the development of IEEE 1394 drivers, applications, or firmware Incorrect handling of elements in a doubly linked list when opening nosy devices can lead to use after free ...

References

CWE-416http://www.openwall.com/lists/oss-security/2021/04/07/1https://bugzilla.redhat.com/show_bug.cgi?id=1948045https://lists.debian.org/debian-lts-announce/2021/06/msg00019.htmlhttps://lists.debian.org/debian-lts-announce/2021/06/msg00020.htmlhttps://security.netapp.com/advisory/ntap-20210629-0002/https://nvd.nist.govhttps://ubuntu.com/security/notices/USN-5343-1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook