ID

VAR-202105-1451


CVE

CVE-2021-22543


TITLE

Linux Kernel  Buffer Error Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-007425

DESCRIPTION

An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. Linux Kernel Is vulnerable to a buffer error.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Arch Linux is an application system of Arch open source. A lightweight and flexible Linux® distribution that tries to keep it simple. These packages include redhat-release-virtualization-host. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. (BZ#2010171) 4. 8) - x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Bug Fix(es): * kernel-rt: update RT source tree to the RHEL-8.4.z source tree (BZ#1985050) * kernel-rt: Merge mm/memcg: Fix kmem_cache_alloc() performance regression (BZ#1987102) 4. 8.1) - aarch64, noarch, ppc64le, s390x, x86_64 3. 8.1) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. ========================================================================== Ubuntu Security Notice USN-5120-1 October 21, 2021 linux-azure-5.8 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19449) It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-26541) It was discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not ensure enough processing time was given to perform cleanups of large SEV VMs. A local attacker could use this to cause a denial of service (soft lockup). (CVE-2020-36311) It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. (CVE-2021-22543) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3759) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the Xilinx LL TEMAC device driver in the Linux kernel did not properly calculate the number of buffers to be used in certain situations. A remote attacker could use this to cause a denial of service (system crash). (CVE-2021-38207) It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: linux-image-5.8.0-1043-azure 5.8.0-1043.46~20.04.1 linux-image-azure 5.8.0.1043.46~20.04.15 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. Bug Fix(es): * [CKI kernel builds]: x86 binaries in non-x86 kernel rpms breaks systemtap [7.9.z] (BZ#1975161) 4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2021:3987-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:3987 Issue date: 2021-10-26 CVE Names: CVE-2019-20934 CVE-2020-36385 CVE-2021-3653 CVE-2021-3656 CVE-2021-22543 CVE-2021-37576 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.7) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.7) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.7) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.6) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.7) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.7) - noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Bug Fix(es): * A race between i40e_ndo_set_vf_mac() and i40e_vsi_clear() in the i40e driver causes a use after free condition of the kmalloc-4096 slab cache. (BZ#1980333) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Package List: Red Hat Enterprise Linux Server AUS (v. 7.7): Source: kernel-3.10.0-1062.59.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.59.1.el7.noarch.rpm kernel-doc-3.10.0-1062.59.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.59.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.59.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.59.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.59.1.el7.x86_64.rpm perf-3.10.0-1062.59.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm python-perf-3.10.0-1062.59.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.7): Source: kernel-3.10.0-1062.59.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.59.1.el7.noarch.rpm kernel-doc-3.10.0-1062.59.1.el7.noarch.rpm ppc64le: bpftool-3.10.0-1062.59.1.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-debug-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-devel-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-headers-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-tools-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1062.59.1.el7.ppc64le.rpm perf-3.10.0-1062.59.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.59.1.el7.ppc64le.rpm python-perf-3.10.0-1062.59.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.59.1.el7.ppc64le.rpm x86_64: bpftool-3.10.0-1062.59.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.59.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.59.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.59.1.el7.x86_64.rpm perf-3.10.0-1062.59.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm python-perf-3.10.0-1062.59.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.7): Source: kernel-3.10.0-1062.59.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.59.1.el7.noarch.rpm kernel-doc-3.10.0-1062.59.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.59.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.59.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.59.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.59.1.el7.x86_64.rpm perf-3.10.0-1062.59.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm python-perf-3.10.0-1062.59.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 7.7): x86_64: bpftool-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.59.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional E4S (v. 7.6): ppc64le: bpftool-debuginfo-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.59.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1062.59.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.59.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.59.1.el7.ppc64le.rpm x86_64: bpftool-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.59.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 7.7): x86_64: bpftool-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.59.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.59.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-20934 https://access.redhat.com/security/cve/CVE-2020-36385 https://access.redhat.com/security/cve/CVE-2021-3653 https://access.redhat.com/security/cve/CVE-2021-3656 https://access.redhat.com/security/cve/CVE-2021-22543 https://access.redhat.com/security/cve/CVE-2021-37576 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYXew09zjgjWX9erEAQh/NRAAlpTOJdaVIZiu4IJtVrtRh2JGkgTlL2Pi KIpqyIeBFsUwRh0pg9GE10q4NRk/DqMYTXvc2GJaNUZlRbzEhLxZXKqksfea6kmo wwGdORkerZrbE8QYF/FRC/6Bxi99lvoH0rSEeJeX0bM6vVwu9ubp7Xbdp4hmq08S 1VsG5ftGK6hQJPyxVDgPIHK1FHE5dVz1puyM10eY5NgabKCdD8oCC9/OL1hxFjAv ADTfFombilFItZoYa9rQdpoQ7s5CBZ1H6VbA+d9CvUltfzRzr6EUflL/rM3af3s1 PTSGqTSqdAZRoebwFvqKlHSoK2B7Wrinxs0kIGbvf3S2MbGklfzb6GaB4QZZ490T WRuTiJZTvMP0jqQyW0nTCMbxfqo3NgKbQt2wQSGYYDlwq65vhuuQAghGVPEoBPhS T9inwoSthoj7uxni1E58TXwPhzfEPXSTAkEZvu05BLt1AXRA+RrNH/B7VIHx30oX fkdz6MFeO/SWIb/CWf5YQVD3Xfsk+9rg2JWGWjnAE2WV9lhsVqhlidL36uaL6kmA LGrb/ZQcsVIPIM+HQRme15MBsg3GervoIHWkWOPbXvU4fYHxID2YkLMZQ6vtGHE2 DHe1+11yo2WKvdWB5nrbsIDBYBJLKT12DxsbycCeH2rLS7qDsfw/XDshAaFnPXZM G9cg8fFnilE= =hTrt -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 6 ELS) - i386, s390x, x86_64 3

Trust: 2.61

sources: NVD: CVE-2021-22543 // JVNDB: JVNDB-2021-007425 // VULHUB: VHN-380980 // VULMON: CVE-2021-22543 // PACKETSTORM: 164565 // PACKETSTORM: 164484 // PACKETSTORM: 163770 // PACKETSTORM: 163865 // PACKETSTORM: 163861 // PACKETSTORM: 164589 // PACKETSTORM: 164412 // PACKETSTORM: 164652 // PACKETSTORM: 167858

AFFECTED PRODUCTS

vendor:netappmodel:h300sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h410sscope:eqversion: -

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:34

Trust: 1.0

vendor:netappmodel:solidfire baseboard management controllerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h410cscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h500escope:eqversion: -

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:netappmodel:h700sscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:eqversion:2021-05-18

Trust: 1.0

vendor:netappmodel:h300escope:eqversion: -

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:33

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h700escope:eqversion: -

Trust: 1.0

vendor:netappmodel:h500sscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope: - version: -

Trust: 0.8

vendor:netappmodel:solidfire baseboard management controllerscope: - version: -

Trust: 0.8

vendor:netappmodel:baseboard management controllerscope: - version: -

Trust: 0.8

vendor:fedoramodel:fedorascope: - version: -

Trust: 0.8

vendor:debianmodel:gnu/linuxscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-007425 // NVD: CVE-2021-22543

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-22543
value: HIGH

Trust: 1.0

NVD: CVE-2021-22543
value: HIGH

Trust: 0.8

VULHUB: VHN-380980
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-22543
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-22543
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-380980
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-22543
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-22543
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-380980 // VULMON: CVE-2021-22543 // JVNDB: JVNDB-2021-007425 // NVD: CVE-2021-22543

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.1

problemtype:Buffer error (CWE-119) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-380980 // JVNDB: JVNDB-2021-007425 // NVD: CVE-2021-22543

TYPE

bypass

Trust: 0.3

sources: PACKETSTORM: 164565 // PACKETSTORM: 164484 // PACKETSTORM: 167858

PATCH

title:Linux Kernel Archives NetAppNetApp Advisoryurl:https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html

Trust: 0.8

title:Red Hat: Important: kernel security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225640 - Security Advisory

Trust: 0.1

title:Red Hat: CVE-2021-22543url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2021-22543

Trust: 0.1

title:Amazon Linux 2: ALAS2-2021-1699url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1699

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-22543 log

Trust: 0.1

title:Amazon Linux AMI: ALAS-2021-1539url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2021-1539

Trust: 0.1

title:Amazon Linux 2: ALAS2KERNEL-5.4-2022-004url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2KERNEL-5.4-2022-004

Trust: 0.1

title:Amazon Linux 2: ALAS2KERNEL-5.10-2022-002url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2KERNEL-5.10-2022-002

Trust: 0.1

title:CVE-2021-22543url:https://github.com/JamesGeeee/CVE-2021-22543

Trust: 0.1

sources: VULMON: CVE-2021-22543 // JVNDB: JVNDB-2021-007425

EXTERNAL IDS

db:NVDid:CVE-2021-22543

Trust: 3.7

db:OPENWALLid:OSS-SECURITY/2021/06/26/1

Trust: 1.2

db:JVNDBid:JVNDB-2021-007425

Trust: 0.8

db:PACKETSTORMid:164589

Trust: 0.2

db:PACKETSTORMid:164652

Trust: 0.2

db:PACKETSTORMid:167858

Trust: 0.2

db:PACKETSTORMid:164666

Trust: 0.1

db:PACKETSTORMid:164583

Trust: 0.1

db:VULHUBid:VHN-380980

Trust: 0.1

db:VULMONid:CVE-2021-22543

Trust: 0.1

db:PACKETSTORMid:164565

Trust: 0.1

db:PACKETSTORMid:164484

Trust: 0.1

db:PACKETSTORMid:163770

Trust: 0.1

db:PACKETSTORMid:163865

Trust: 0.1

db:PACKETSTORMid:163861

Trust: 0.1

db:PACKETSTORMid:164412

Trust: 0.1

sources: VULHUB: VHN-380980 // VULMON: CVE-2021-22543 // JVNDB: JVNDB-2021-007425 // PACKETSTORM: 164565 // PACKETSTORM: 164484 // PACKETSTORM: 163770 // PACKETSTORM: 163865 // PACKETSTORM: 163861 // PACKETSTORM: 164589 // PACKETSTORM: 164412 // PACKETSTORM: 164652 // PACKETSTORM: 167858 // NVD: CVE-2021-22543

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2021-22543

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20210708-0002/

Trust: 1.2

url:https://github.com/google/security-research/security/advisories/ghsa-7wq5-phmq-m584

Trust: 1.2

url:https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html

Trust: 1.2

url:https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html

Trust: 1.2

url:http://www.openwall.com/lists/oss-security/2021/06/26/1

Trust: 1.2

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4g5ybuvephzyxmkngbz3s6infcteel4e/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/roqixqb7zawi3ksgshr6h5rduwzi775s/

Trust: 1.0

url:https://access.redhat.com/security/cve/cve-2021-22543

Trust: 0.9

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.8

url:https://access.redhat.com/security/team/key/

Trust: 0.8

url:https://bugzilla.redhat.com/):

Trust: 0.8

url:https://access.redhat.com/security/team/contact/

Trust: 0.8

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.7

url:https://access.redhat.com/articles/11258

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-22555

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2021-22555

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2021-32399

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-32399

Trust: 0.3

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/roqixqb7zawi3ksgshr6h5rduwzi775s/

Trust: 0.2

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4g5ybuvephzyxmkngbz3s6infcteel4e/

Trust: 0.2

url:https://access.redhat.com/errata/rhsa-2022:5640

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-3653

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3656

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3653

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-3656

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-37576

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-37576

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://github.com/jamesgeeee/cve-2021-22543

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3943

Trust: 0.1

url:https://access.redhat.com/articles/2974891

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3802

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3609

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3088

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3609

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3173

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3181

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19449

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3759

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-38199

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-38207

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-40490

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure-5.8/5.8.0-1043.46~20.04.1

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-5120-1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3612

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-26541

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-36311

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3725

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20934

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36385

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3987

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-36385

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20934

Trust: 0.1

sources: VULHUB: VHN-380980 // VULMON: CVE-2021-22543 // JVNDB: JVNDB-2021-007425 // PACKETSTORM: 164565 // PACKETSTORM: 164484 // PACKETSTORM: 163770 // PACKETSTORM: 163865 // PACKETSTORM: 163861 // PACKETSTORM: 164589 // PACKETSTORM: 164412 // PACKETSTORM: 164652 // PACKETSTORM: 167858 // NVD: CVE-2021-22543

CREDITS

Red Hat

Trust: 0.8

sources: PACKETSTORM: 164565 // PACKETSTORM: 164484 // PACKETSTORM: 163770 // PACKETSTORM: 163865 // PACKETSTORM: 163861 // PACKETSTORM: 164412 // PACKETSTORM: 164652 // PACKETSTORM: 167858

SOURCES

db:VULHUBid:VHN-380980
db:VULMONid:CVE-2021-22543
db:JVNDBid:JVNDB-2021-007425
db:PACKETSTORMid:164565
db:PACKETSTORMid:164484
db:PACKETSTORMid:163770
db:PACKETSTORMid:163865
db:PACKETSTORMid:163861
db:PACKETSTORMid:164589
db:PACKETSTORMid:164412
db:PACKETSTORMid:164652
db:PACKETSTORMid:167858
db:NVDid:CVE-2021-22543

LAST UPDATE DATE

2024-11-11T22:38:43.019000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-380980date:2022-04-01T00:00:00
db:VULMONid:CVE-2021-22543date:2022-04-01T00:00:00
db:JVNDBid:JVNDB-2021-007425date:2022-02-10T08:59:00
db:NVDid:CVE-2021-22543date:2024-05-29T20:15:09.870

SOURCES RELEASE DATE

db:VULHUBid:VHN-380980date:2021-05-26T00:00:00
db:VULMONid:CVE-2021-22543date:2021-05-26T00:00:00
db:JVNDBid:JVNDB-2021-007425date:2022-02-10T00:00:00
db:PACKETSTORMid:164565date:2021-10-20T15:47:57
db:PACKETSTORMid:164484date:2021-10-13T14:43:04
db:PACKETSTORMid:163770date:2021-08-10T14:49:29
db:PACKETSTORMid:163865date:2021-08-17T15:21:44
db:PACKETSTORMid:163861date:2021-08-17T15:14:36
db:PACKETSTORMid:164589date:2021-10-22T15:27:48
db:PACKETSTORMid:164412date:2021-10-05T15:00:09
db:PACKETSTORMid:164652date:2021-10-26T15:31:16
db:PACKETSTORMid:167858date:2022-07-27T17:35:51
db:NVDid:CVE-2021-22543date:2021-05-26T11:15:08.623