Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2021-3772

Published: 02/03/2022 Updated: 12/02/2023
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 4.2 | Exploitability Score: 2.2
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Subscribe to Linux

Vulnerability Summary

It exists that the SCTP protocol implementation in the Linux kernel did not properly verify VTAGs in some situations. A remote attacker could possibly use this to cause a denial of service (connection disassociation). (CVE-2021-3772) ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

redhat enterprise linux 8.0

debian debian linux 9.0

debian debian linux 10.0

oracle communications cloud native core binding support function 22.1.3

oracle communications cloud native core policy 22.2.0

oracle communications cloud native core network exposure function 22.1.1

netapp solidfire \\& hci management node -

netapp hci compute node -

netapp solidfire \\& hci storage node -

netapp e-series santricity os controller 11.0

netapp e-series santricity os controller 11.0.0

netapp e-series santricity os controller 11.20

netapp e-series santricity os controller 11.25

netapp e-series santricity os controller 11.30

netapp e-series santricity os controller 11.30.5r3

netapp e-series santricity os controller 11.40

netapp e-series santricity os controller 11.40.3r2

netapp e-series santricity os controller 11.40.5

netapp e-series santricity os controller 11.50.1

netapp e-series santricity os controller 11.50.2

netapp e-series santricity os controller 11.60

netapp e-series santricity os controller 11.60.0

netapp e-series santricity os controller 11.60.1

netapp e-series santricity os controller 11.60.3

netapp e-series santricity os controller 11.70.1

netapp e-series santricity os controller 11.70.2

netapp h300s_firmware -

netapp h500s_firmware -

netapp h700s_firmware -

netapp h410s_firmware -

netapp h410c_firmware -

netapp h610c_firmware -

netapp h610s_firmware -

netapp h615c_firmware -

Vendor Advisories

Debian Security Advisories: DSA-5096-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2020-29374 Jann Horn of Google reported a flaw in Linux's virtual memory management A parent and child process initially share all their memory, but when either writes to a shared page, ...
Red Hat: Important: Red Hat Advanced Cluster Management 2.5 security updates, images, and bug fixes
Synopsis Important: Red Hat Advanced Cluster Management 25 security updates, images, and bug fixes Type/Severity Security Advisory: Important Topic Red Hat Advanced Cluster Management for Kubernetes 250 is now generally availableRed Hat Product Security has rated this update as having a security impactof Important A Common Vulnerability ...
Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.6.5 security and bug fix update
Synopsis Moderate: Migration Toolkit for Containers (MTC) 165 security and bug fix update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 165 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated ...
Red Hat: Moderate: Red Hat Advanced Cluster Management 2.3.11 security updates and bug fixes
概述 Moderate: Red Hat Advanced Cluster Management 2311 security updates and bug fixes 类型/严重性 Security Advisory: Moderate 标题 Red Hat Advanced Cluster Management for Kubernetes 2311 generalavailability release images, which provide security updates and bug fixesRed Hat Product Security has rated this update as having a sec ...
Red Hat: Moderate: Red Hat Advanced Cluster Management 2.4.5 security updates and bug fixes
Synopsis Moderate: Red Hat Advanced Cluster Management 245 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 245 GeneralAvailability release images, which fix bugs and update container imagesRed Hat Product Security has rated this update as having a security ...
Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.7.2 security and bug fix update
Synopsis Moderate: Migration Toolkit for Containers (MTC) 172 security and bug fix update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 172 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Ubuntu Security Notice: USN-5467-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5466-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5265-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Red Hat: CVE-2021-3772
A flaw was found in the Linux SCTP stack A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses ...
Amazon Linux 2: ALAS2KERNEL-5.10-2022-008
A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if unbind the driver) (CVE-2020-27820) A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was ...
Amazon Linux 2: ALAS2KERNEL-5.4-2022-010
A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if unbind the driver) (CVE-2020-27820) A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was ...
Amazon Linux 2: ALAS2-2021-1727
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page A privileged local user could use this flaw to cras ...
Amazon Linux AMI: ALAS-2023-1688
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports This flaw allows an off-path remote user to effectively bypass the source port UDP randomization The highest threat from this vulnerability is to confidentiality ...
Amazon Linux AMI: ALAS-2022-1563
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports This flaw allows an off-path remote user to effectively bypass the source port UDP randomization The highest threat from this vulnerability is to confidentiality ...

References

CWE-354https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0dfhttps://bugzilla.redhat.com/show_bug.cgi?id=2000694https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0dfhttps://ubuntu.com/security/CVE-2021-3772https://lists.debian.org/debian-lts-announce/2022/03/msg00012.htmlhttps://www.debian.org/security/2022/dsa-5096https://www.oracle.com/security-alerts/cpujul2022.htmlhttps://security.netapp.com/advisory/ntap-20221007-0001/https://nvd.nist.govhttps://www.debian.org/security/2022/dsa-5096https://ubuntu.com/security/notices/USN-5467-1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook