
CVE-2021-3715

Published: 02/03/2022 Updated: 24/01/2023
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 642
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Vulnerable Product

linux linux kernel

Vendor Advisories

Synopsis: Important: kpatch-patch security update. Type/Severity: Security Advisory: Important. Topic: An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Produ ...

Mailing Lists

Hello Team, A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerabilit ...
Thank you Greg, Correction please, This issue was fixed in the upstream Kernel 5.6 onward with ef299cc3fa1a9. Rohit Keshri / Red Hat Product Security Team PGP: OX01BC 858A 07B7 15C8 EF33 BFE2 2EEB 0CBC 84A4 4C2D secalert () redhat com for urgent response On Tue, Sep 7, 2021 at 3:47 PM Greg KH <greg () kroah com> wrote: ...
On Tue, Sep 07, 2021 at 02:09:52PM +0530, Rohit Keshri wrote: Note, commit ef299cc3fa1a ("net_sched: cls_route: remove the right filter from hashtable") came out in the 5.6 kernel release, in March of 2020, and was also backported to all relevant stable kernel releases at the beginning of April, 2020: 4.4.218 4.9.218 4.14.175 4.19.114 5.4 ...

Github Repositories

GREBE: GREBE is an object-driven tool to identify Multiple Error Behavior of kernel bugs. GREBE consists of two components -- a static analysis tool to identify critical kernel objects of triggering the bug, and a fuzzing tool based on Syzkaller to find its other error behavior. Refer to our paper for more details. Usage scenario: You find a low-severity bug in kernel, and would lik

exploit for CVE-2022-2588

CVE-2022-2588. The fix: The bug is fixed in Linux v5.19 by this commit. The bug: The bug was introduced in Linux v3.17 by this commit back to 2014. It requires User Namespaces to trigger. This bug is very similar to CVE-2021-3715, which was caused by improper operation on the route4_filter's linked list. More details of CVE-2021-3715 could be found at the blackhat talk (page
