Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2021-3764

Published: 23/08/2022 Updated: 25/08/2022
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
Subscribe to Linux Kernel

Vulnerability Summary

A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an malicious user to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel 5.15

linux linux kernel

Vendor Advisories

Red Hat: CVE-2021-3764
A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service The vulnerability is similar to the older CVE-2019-18808 The highest threat from this vulnerability is to system availability ...
Arch Linux Issues:
A memory leak in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-opsc in the Linux kernel allows attackers to cause a denial of service (memory consumption) It happens if function ccp_init_data(&src) returns error code (that is being called from the ccp_run_aes_gcm_cmd) This vulnerability is similar with the older CVE-2019-18808 ...
Amazon Linux 2: ALAS2KERNEL-5.4-2022-009
A flaw was found in the Linux kernel A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service This vulnerability is similar with the older CVE-2019-18808 The highest threat from this vulnerability is to system availability (CVE-2021-3744) A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() ...
Amazon Linux 2: ALAS2KERNEL-5.4-2022-029
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS A local user could use this flaw to crash the system (CVE-2021-20321) A flaw was found in the Linux kernel A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service ...
Amazon Linux 2: ALAS2KERNEL-5.4-2022-027
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS A local user could use this flaw to crash the system (CVE-2021-20321) A flaw was found in the Linux kernel A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service ...
Amazon Linux 2: ALAS2KERNEL-5.4-2022-031
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS A local user could use this flaw to crash the system (CVE-2021-20321) A flaw was found in the Linux kernel A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service ...
Amazon Linux 2: ALAS2KERNEL-5.10-2022-007
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS A local user could use this flaw to crash the system (CVE-2021-20321) A flaw was found in the Linux kernel A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service ...
Amazon Linux 2: ALAS2-2021-1719
A flaw was found in the Linux kernel A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueuec This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP The highest threat from this vulnerability is ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated ...
Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.6.5 security and bug fix update
Synopsis Moderate: Migration Toolkit for Containers (MTC) 165 security and bug fix update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 165 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.7.2 security and bug fix update
Synopsis Moderate: Migration Toolkit for Containers (MTC) 172 security and bug fix update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 172 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Red Hat: Moderate: Red Hat Advanced Cluster Management 2.4.5 security updates and bug fixes
Synopsis Moderate: Red Hat Advanced Cluster Management 245 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 245 GeneralAvailability release images, which fix bugs and update container imagesRed Hat Product Security has rated this update as having a security ...
Red Hat: Important: Red Hat Advanced Cluster Management 2.5 security updates, images, and bug fixes
Synopsis Important: Red Hat Advanced Cluster Management 25 security updates, images, and bug fixes Type/Severity Security Advisory: Important Topic Red Hat Advanced Cluster Management for Kubernetes 250 is now generally availableRed Hat Product Security has rated this update as having a security impactof Important A Common Vulnerability ...
Red Hat: Moderate: Red Hat Advanced Cluster Management 2.3.11 security updates and bug fixes
概述 Moderate: Red Hat Advanced Cluster Management 2311 security updates and bug fixes 类型/严重性 Security Advisory: Moderate 标题 Red Hat Advanced Cluster Management for Kubernetes 2311 generalavailability release images, which provide security updates and bug fixesRed Hat Product Security has rated this update as having a sec ...
Debian Security Advisories: DSA-5096-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2020-29374 Jann Horn of Google reported a flaw in Linux's virtual memory management A parent and child process initially share all their memory, but when either writes to a shared page, ...

Github Repositories

CVE-2021-3764 A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service The vulnerability is similar to the older CVE-2019-18808 The highest threat from this vulnerability is to system availability authentication complexity vector not available not available not available confident

References

CWE-401https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680https://access.redhat.com/security/cve/CVE-2021-3764https://security-tracker.debian.org/tracker/CVE-2021-3764https://bugzilla.redhat.com/show_bug.cgi?id=1997467https://github.com/Live-Hack-CVE/CVE-2021-3764https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2021-3764
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-25675CVE-2023-21072physicalCVE-2023-28446encryptionCVE-2023-21076server-side request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook