CVSSv3: 8.8

CVE-2021-4154

Published: 04/02/2022 Updated: 01/03/2022
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c, part of the Linux kernel's cgroup v1 parser. A local attacker with user privileges could escalate privileges by exploiting the fsconfig syscall parameter, leading to a container breakout and a denial of service on the system.


Vulnerable Product

linux linux kernel

linux linux kernel 5.14

redhat virtualization 4.0

redhat enterprise linux 8.0

netapp hci baseboard management controller h300e

netapp hci baseboard management controller h300s

netapp hci baseboard management controller h410s

netapp hci baseboard management controller h500e

netapp hci baseboard management controller h500s

netapp hci baseboard management controller h700e

netapp hci baseboard management controller h700s

Vendor Advisories

Synopsis: Important: kpatch-patch security update. Type/Severity: Security Advisory: Important. Topic: An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as ...
Synopsis: Important: kernel-rt security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this upd ...
Synopsis: Important: kernel security, bug fix, and enhancement update. Type/Severity: Security Advisory: Important. Topic: An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated ...
Synopsis: Important: Red Hat Virtualization Host security and bug fix update [ovirt-4410] Async #1. Type/Severity: Security Advisory: Important. Topic: An update for redhat-release-virtualization-host and redhat-virtualizatio ...
Synopsis: Moderate: OpenShift Container Platform 4742 security update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat OpenShift Container Platform release 4742 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platfo ...
Synopsis: Moderate: Red Hat Advanced Cluster Management 238 security and container updates. Type/Severity: Security Advisory: Moderate. Topic: Red Hat Advanced Cluster Management for Kubernetes 238 General Availability release images, which provide security and container updates. Red Hat Product Security has rated this update as having a securit ...
Synopsis: Moderate: Red Hat Advanced Cluster Management 243 security updates and bug fixes. Type/Severity: Security Advisory: Moderate. Topic: Red Hat Advanced Cluster Management for Kubernetes 243 General Availability release images. This update provides security fixes, bug fixes, and updates the container images. Red Hat Product Security has ...
Synopsis: Moderate: Migration Toolkit for Containers (MTC) 154 security update. Type/Severity: Security Advisory: Moderate. Topic: The Migration Toolkit for Containers (MTC) 154 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which g ...
SSB-439005: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP. Publication Date: 2018-11-27. Last Update: 2022-02-08. Current Version: 40. Description: Multiple vulnerabilities have been identified in the additional GNU ...