Details of VAR-202103-1442

ID

VAR-202103-1442

CVE

CVE-2021-28375

TITLE

Linux Kernel Vulnerability in privilege management

Trust: 0.8

sources: JVNDB: JVNDB-2021-004458

DESCRIPTION

An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308. Vendor is responsible for this vulnerability CID-20c40794eb85 It is published as. This vulnerability is CVE-2019-2308 Vulnerabilities related to.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. This update provides the corresponding Linux kernel updates targeted specifically for Raspberry Pi devices in those same Ubuntu Releases. ========================================================================== Ubuntu Security Notice USN-4949-1 May 11, 2021 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.10 - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3489) Manfred Paul discovered that the eBPF implementation in the Linux kernel did not properly track bounds on bitwise operations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3491) It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25639) Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan H. Sch\xf6nherr discovered that the Xen paravirtualization backend in the Linux kernel did not properly propagate errors to frontend drivers in some situations. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2021-26930) Jan Beulich discovered that multiple Xen backends in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). A local attacker could possibly use this to gain elevated privileges. (CVE-2021-28375) It was discovered that the Freescale Gianfar Ethernet driver for the Linux kernel did not properly handle receive queue overrun when jumbo frames were enabled in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2021-29264) It was discovered that the USB/IP driver in the Linux kernel contained race conditions during the update of local and shared status. An attacker could use this to cause a denial of service (system crash). An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29266) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly validate passed encryption key sizes. A local attacker could use this to cause a denial of service (system crash). A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29650) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.10: linux-image-5.8.0-1024-raspi 5.8.0-1024.27 linux-image-5.8.0-1024-raspi-nolpae 5.8.0-1024.27 linux-image-5.8.0-1027-kvm 5.8.0-1027.29 linux-image-5.8.0-1029-oracle 5.8.0-1029.30 linux-image-5.8.0-1031-gcp 5.8.0-1031.32 linux-image-5.8.0-1032-azure 5.8.0-1032.34 linux-image-5.8.0-1033-aws 5.8.0-1033.35 linux-image-5.8.0-53-generic 5.8.0-53.60 linux-image-5.8.0-53-generic-64k 5.8.0-53.60 linux-image-5.8.0-53-generic-lpae 5.8.0-53.60 linux-image-5.8.0-53-lowlatency 5.8.0-53.60 linux-image-aws 5.8.0.1033.35 linux-image-azure 5.8.0.1032.32 linux-image-gcp 5.8.0.1031.31 linux-image-generic 5.8.0.53.58 linux-image-generic-64k 5.8.0.53.58 linux-image-generic-lpae 5.8.0.53.58 linux-image-gke 5.8.0.1031.31 linux-image-kvm 5.8.0.1027.29 linux-image-lowlatency 5.8.0.53.58 linux-image-oem-20.04 5.8.0.53.58 linux-image-oracle 5.8.0.1029.28 linux-image-raspi 5.8.0.1024.27 linux-image-raspi-nolpae 5.8.0.1024.27 linux-image-virtual 5.8.0.53.58 Ubuntu 20.04 LTS: linux-image-5.8.0-53-generic 5.8.0-53.60~20.04.1 linux-image-5.8.0-53-generic-64k 5.8.0-53.60~20.04.1 linux-image-5.8.0-53-generic-lpae 5.8.0-53.60~20.04.1 linux-image-5.8.0-53-lowlatency 5.8.0-53.60~20.04.1 linux-image-generic-64k-hwe-20.04 5.8.0.53.60~20.04.37 linux-image-generic-hwe-20.04 5.8.0.53.60~20.04.37 linux-image-generic-lpae-hwe-20.04 5.8.0.53.60~20.04.37 linux-image-lowlatency-hwe-20.04 5.8.0.53.60~20.04.37 linux-image-virtual-hwe-20.04 5.8.0.53.60~20.04.37 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-4949-1 CVE-2020-25639, CVE-2021-26930, CVE-2021-26931, CVE-2021-28375, CVE-2021-29264, CVE-2021-29265, CVE-2021-29266, CVE-2021-29646, CVE-2021-29650, CVE-2021-3489, CVE-2021-3490, CVE-2021-3491 Package Information: https://launchpad.net/ubuntu/+source/linux/5.8.0-53.60 https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1033.35 https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1032.34 https://launchpad.net/ubuntu/+source/linux-gcp/5.8.0-1031.32 https://launchpad.net/ubuntu/+source/linux-kvm/5.8.0-1027.29 https://launchpad.net/ubuntu/+source/linux-oracle/5.8.0-1029.30 https://launchpad.net/ubuntu/+source/linux-raspi/5.8.0-1024.27 https://launchpad.net/ubuntu/+source/linux-hwe-5.8/5.8.0-53.60~20.04.1

Trust: 2.16

sources: NVD: CVE-2021-28375 // JVNDB: JVNDB-2021-004458 // VULHUB: VHN-387803 // PACKETSTORM: 162167 // PACKETSTORM: 162695 // PACKETSTORM: 162541 // PACKETSTORM: 162550 // PACKETSTORM: 162543

AFFECTED PRODUCTS

vendor:	linux	model:	kernel	scope:	gte	version:	5.1	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	34	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	32	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	5.5	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.10.24	Trust: 1.0
vendor:	netapp	model:	cloud backup	scope:	eq	version:	-	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.4.106	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	5.11	Trust: 1.0
vendor:	netapp	model:	solidfire baseboard management controller	scope:	eq	version:	-	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.11.7	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	33	Trust: 1.0
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8
vendor:	linux	model:	kernel	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-004458 // NVD: CVE-2021-28375

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-28375
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-28375
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202103-961
value:	HIGH
Trust: 0.6
VULHUB:	VHN-387803
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-28375
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-387803
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-28375
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2021-28375
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-387803 // JVNDB: JVNDB-2021-004458 // CNNVD: CNNVD-202103-961 // NVD: CVE-2021-28375

PROBLEMTYPE DATA

problemtype:	CWE-862	Trust: 1.1
problemtype:	Improper authority management (CWE-269) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-387803 // JVNDB: JVNDB-2021-004458 // NVD: CVE-2021-28375

THREAT TYPE

local

Trust: 1.1

sources: PACKETSTORM: 162167 // PACKETSTORM: 162695 // PACKETSTORM: 162541 // PACKETSTORM: 162550 // PACKETSTORM: 162543 // CNNVD: CNNVD-202103-961

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202103-961

PATCH

title:	restrict user apps from sending kernel RPC messages	url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMRQVOTASD3VZP6GE4JJHE27QU6FHTZ6/	Trust: 0.8
title:	Linux kernel Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=144241	Trust: 0.6

sources: JVNDB: JVNDB-2021-004458 // CNNVD: CNNVD-202103-961

EXTERNAL IDS

db:	NVD	id:	CVE-2021-28375	Trust: 3.0
db:	PACKETSTORM	id:	162167	Trust: 0.8
db:	PACKETSTORM	id:	162695	Trust: 0.8
db:	PACKETSTORM	id:	162541	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-004458	Trust: 0.8
db:	CNNVD	id:	CNNVD-202103-961	Trust: 0.7
db:	AUSCERT	id:	ESB-2021.1231	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1307	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1299	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2136	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1623	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2606	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1766	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1694	Trust: 0.6
db:	PACKETSTORM	id:	162550	Trust: 0.2
db:	PACKETSTORM	id:	162543	Trust: 0.2
db:	VULHUB	id:	VHN-387803	Trust: 0.1

sources: VULHUB: VHN-387803 // JVNDB: JVNDB-2021-004458 // PACKETSTORM: 162167 // PACKETSTORM: 162695 // PACKETSTORM: 162541 // PACKETSTORM: 162550 // PACKETSTORM: 162543 // CNNVD: CNNVD-202103-961 // NVD: CVE-2021-28375

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2021-28375	Trust: 1.9
url:	https://security.netapp.com/advisory/ntap-20210401-0003/	Trust: 1.7
url:	https://git.kernel.org/linus/20c40794eb85ea29852d7bc37c55713802a543d6	Trust: 1.7
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/omrqvotasd3vzp6ge4jjhe27qu6fhtz6/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/tjpvqzpy3dhpv5i3ivnmsmo6d3pkzisx/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xaunydtge6mb4nwl2sihpcodclet3jzb/	Trust: 1.0
url:	https://lore.kernel.org/stable/yd03ew7+6v0xph6l%40kroah.com/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xaunydtge6mb4nwl2sihpcodclet3jzb/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/omrqvotasd3vzp6ge4jjhe27qu6fhtz6/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/tjpvqzpy3dhpv5i3ivnmsmo6d3pkzisx/	Trust: 0.7
url:	https://lore.kernel.org/stable/yd03ew7+6v0xph6l@kroah.com/	Trust: 0.7
url:	https://source.android.com/security/bulletin/2021-08-01	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1623	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1766	Trust: 0.6
url:	https://packetstormsecurity.com/files/162167/ubuntu-security-notice-usn-4911-1.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2606	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1307	Trust: 0.6
url:	https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202110-0000001162680040	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-28375	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1231	Trust: 0.6
url:	https://packetstormsecurity.com/files/162695/ubuntu-security-notice-usn-4945-2.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2136	Trust: 0.6
url:	https://vigilance.fr/vulnerability/linux-kernel-privilege-escalation-via-fastrpc-internal-invoke-34854	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1299	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1694	Trust: 0.6
url:	https://packetstormsecurity.com/files/162541/ubuntu-security-notice-usn-4945-1.html	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2020-25639	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-29650	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28038	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-29265	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30002	Trust: 0.3
url:	https://ubuntu.com/security/notices/usn-4945-1	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28660	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-29646	Trust: 0.2
url:	https://ubuntu.com/security/notices/usn-4911-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oem-5.10/5.10.0-1021.22	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28950	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1035.38	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi-5.4/5.4.0-1035.38~18.04.1	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-4945-2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure-5.4/5.4.0-1047.49~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gke/5.4.0-1043.45	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1047.49	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp-5.4/5.4.0-1043.46~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1015.16	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gkeop-5.4/5.4.0-1015.16~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle-5.4/5.4.0-1044.47~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1043.46	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws-5.4/5.4.0-1048.50~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/5.4.0-73.82	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1039.40	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-hwe-5.4/5.4.0-73.82~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1045.49	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gke-5.4/5.4.0-1043.45~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1048.50	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle/5.8.0-1029.30	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi/5.8.0-1024.27	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-26930	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-4949-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/5.8.0-1027.29	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-hwe-5.8/5.8.0-53.60~20.04.1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-29266	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3489	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/5.8.0-53.60	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-26931	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp/5.8.0-1031.32	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1032.34	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-29264	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3490	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1033.35	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3491	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-35519	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-4947-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oem-5.6/5.6.0-1056.60	Trust: 0.1

CREDITS

Ubuntu

Trust: 1.1

sources: PACKETSTORM: 162167 // PACKETSTORM: 162695 // PACKETSTORM: 162541 // PACKETSTORM: 162550 // PACKETSTORM: 162543 // CNNVD: CNNVD-202103-961

SOURCES

db:	VULHUB	id:	VHN-387803
db:	JVNDB	id:	JVNDB-2021-004458
db:	PACKETSTORM	id:	162167
db:	PACKETSTORM	id:	162695
db:	PACKETSTORM	id:	162541
db:	PACKETSTORM	id:	162550
db:	PACKETSTORM	id:	162543
db:	CNNVD	id:	CNNVD-202103-961
db:	NVD	id:	CVE-2021-28375

LAST UPDATE DATE

2024-08-14T13:04:25.400000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-387803	date:	2023-02-24T00:00:00
db:	JVNDB	id:	JVNDB-2021-004458	date:	2021-11-22T08:57:00
db:	CNNVD	id:	CNNVD-202103-961	date:	2022-07-14T00:00:00
db:	NVD	id:	CVE-2021-28375	date:	2023-11-07T03:32:08.597

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-387803	date:	2021-03-15T00:00:00
db:	JVNDB	id:	JVNDB-2021-004458	date:	2021-11-22T00:00:00
db:	PACKETSTORM	id:	162167	date:	2021-04-13T22:55:55
db:	PACKETSTORM	id:	162695	date:	2021-05-19T14:19:27
db:	PACKETSTORM	id:	162541	date:	2021-05-12T13:50:45
db:	PACKETSTORM	id:	162550	date:	2021-05-12T13:52:46
db:	PACKETSTORM	id:	162543	date:	2021-05-12T13:51:05
db:	CNNVD	id:	CNNVD-202103-961	date:	2021-03-15T00:00:00
db:	NVD	id:	CVE-2021-28375	date:	2021-03-15T05:15:13.740