ID

VAR-202106-1232


CVE

CVE-2021-3490


TITLE

Linux Kernel  Out-of-bounds read vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-012328

DESCRIPTION

The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e ("bpf: Fix alu32 const subreg bound tracking on bitwise operations") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. The AND/OR issues were introduced by commit 3f50f132d840 ("bpf: Verifier, do explicit ALU32 bounds tracking") (5.7-rc1) and the XOR variant was introduced by 2921c90d4718 ("bpf:Fix a verifier failure with xor") ( 5.10-rc1). Linux Kernel contains an out-of-bounds read vulnerability and an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs prior to executing them. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation of the United States. There are security vulnerabilities in the Linux kernel. The vulnerability stems from the discovery that eBPF ALU32 boundary tracking for bitwise operations (AND, OR, and XOR) does not update 32-bit boundaries. No detailed vulnerability details are currently provided. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Please note that to address this issue, SF_BROADCAST support was removed temporarily from the CAN ISOTP implementation in Ubuntu 21.04 kernels. Software Description: - linux-oem-5.10: Linux kernel for OEM systems Details: Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3490) Billy Jheng Bing-Jhong discovered that the io_uring implementation of the Linux kernel did not properly enforce the MAX_RW_COUNT limit in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3491) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25670) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-25671, CVE-2020-25672) It was discovered that the Xen paravirtualization backend in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-28688) It was discovered that the io_uring subsystem in the Linux kernel contained a race condition leading to a deadlock condition. A local attacker could use this to cause a denial of service. (CVE-2021-28951) John Stultz discovered that the audio driver for Qualcomm SDM845 systems in the Linux kernel did not properly validate port ID numbers. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-28952) Zygo Blaxell discovered that the btrfs file system implementation in the Linux kernel contained a race condition during certain cloning operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-28964) Vince Weaver discovered that the perf subsystem in the Linux kernel did not properly handle certain PEBS records properly for some Intel Haswell processors. A local attacker could use this cause a denial of service (system crash). (CVE-2021-28971) It was discovered that the RPA PCI Hotplug driver implementation in the Linux kernel did not properly handle device name writes via sysfs, leading to a buffer overflow. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-28972) It was discovered that the Freescale Gianfar Ethernet driver for the Linux kernel did not properly handle receive queue overrun when jumbo frames were enabled in some situations. An attacker could use this to cause a denial of service (system crash). An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29266) It was discovered that the TIPC protocol implementation in the Linux kernel did not properly validate passed encryption key sizes. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29646) It was discovered that the Qualcomm IPC router implementation in the Linux kernel did not properly initialize memory passed to user space. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-29647) It was discovered that the BPF user mode driver implementation in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-29649) It was discovered that a race condition existed in the netfilter subsystem of the Linux kernel when replacing tables. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-29650) Felix Wilhelm discovered that the KVM implementation in the Linux kernel for AMD processors contained race conditions on nested VMCB controls. A local attacker in a guest vm could possibly use this to gain elevated privileges. (CVE-2021-29657) Dan Carpenter discovered that the block device manager (dm) implementation in the Linux kernel contained a buffer overflow in the ioctl for listing devices. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2021-31916) 马哲宇 discovered that the IEEE 1394 (Firewire) nosy packet sniffer driver in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3483) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: linux-image-5.10.0-1026-oem 5.10.0-1026.27 linux-image-oem-20.04b 5.10.0.1026.27 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-4948-1 CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2021-28688, CVE-2021-28951, CVE-2021-28952, CVE-2021-28964, CVE-2021-28971, CVE-2021-28972, CVE-2021-29264, CVE-2021-29266, CVE-2021-29646, CVE-2021-29647, CVE-2021-29649, CVE-2021-29650, CVE-2021-29657, CVE-2021-31916, CVE-2021-3483, CVE-2021-3489, CVE-2021-3490, CVE-2021-3491 Package Information: https://launchpad.net/ubuntu/+source/linux-oem-5.10/5.10.0-1026.27 . (CVE-2020-25639) Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan H

Trust: 3.69

sources: NVD: CVE-2021-3490 // JVNDB: JVNDB-2021-012328 // ZDI: ZDI-21-606 // CNVD: CNVD-2021-54395 // CNNVD: CNNVD-202104-975 // VULMON: CVE-2021-3490 // PACKETSTORM: 162548 // PACKETSTORM: 162549 // PACKETSTORM: 162550

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-54395

AFFECTED PRODUCTS

vendor:canonicalmodel:ubuntuscope: - version: -

Trust: 1.5

vendor:linuxmodel:kernelscope: - version: -

Trust: 1.4

vendor:canonicalmodel:ubuntu linuxscope:eqversion:20.10

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.12

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:21.04

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.11

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.11.21

Trust: 1.0

vendor:linuxmodel:kernelscope:eqversion:5.13

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.12.4

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:20.04

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.10.37

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.10

Trust: 1.0

sources: ZDI: ZDI-21-606 // CNVD: CNVD-2021-54395 // JVNDB: JVNDB-2021-012328 // NVD: CVE-2021-3490

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-3490
value: HIGH

Trust: 1.0

security@ubuntu.com: CVE-2021-3490
value: HIGH

Trust: 1.0

NVD: CVE-2021-3490
value: HIGH

Trust: 0.8

ZDI: CVE-2021-3490
value: HIGH

Trust: 0.7

CNVD: CNVD-2021-54395
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202105-723
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2021-3490
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2021-54395
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2021-3490
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

security@ubuntu.com: CVE-2021-3490
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.1
impactScore: 6.0
version: 3.1

Trust: 1.0

NVD: CVE-2021-3490
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2021-3490
baseSeverity: HIGH
baseScore: 8.8
vectorString: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.0
impactScore: 6.0
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-606 // CNVD: CNVD-2021-54395 // JVNDB: JVNDB-2021-012328 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-723 // NVD: CVE-2021-3490 // NVD: CVE-2021-3490

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.0

problemtype:CWE-20

Trust: 1.0

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds read (CWE-125) [NVD evaluation ]

Trust: 0.8

problemtype: Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-012328 // NVD: CVE-2021-3490

THREAT TYPE

local

Trust: 0.9

sources: PACKETSTORM: 162548 // PACKETSTORM: 162549 // PACKETSTORM: 162550 // CNNVD: CNNVD-202105-723

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:Fix alu32 const subreg bound tracking on bitwise operationsurl:https://ubuntu.com/security/notices/USN-4949-1

Trust: 0.8

title:Canonical has issued an update to correct this vulnerability.url:https://www.openwall.com/lists/oss-security/2021/05/11/11

Trust: 0.7

title:Patch for Linux kernel buffer overflow vulnerability (CNVD-2021-54395)url:https://www.cnvd.org.cn/patchInfo/show/280546

Trust: 0.6

title:Linux kernel Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=154141

Trust: 0.6

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-3490 log

Trust: 0.1

sources: ZDI: ZDI-21-606 // CNVD: CNVD-2021-54395 // VULMON: CVE-2021-3490 // JVNDB: JVNDB-2021-012328 // CNNVD: CNNVD-202105-723

EXTERNAL IDS

db:NVDid:CVE-2021-3490

Trust: 4.9

db:OPENWALLid:OSS-SECURITY/2021/05/11/11

Trust: 2.4

db:ZDIid:ZDI-21-606

Trust: 2.3

db:PACKETSTORMid:164015

Trust: 1.6

db:JVNDBid:JVNDB-2021-012328

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-13590

Trust: 0.7

db:PACKETSTORMid:162548

Trust: 0.7

db:CNVDid:CNVD-2021-54395

Trust: 0.6

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:AUSCERTid:ESB-2021.2136

Trust: 0.6

db:AUSCERTid:ESB-2021.1622

Trust: 0.6

db:AUSCERTid:ESB-2021.2291

Trust: 0.6

db:AUSCERTid:ESB-2021.2812

Trust: 0.6

db:CS-HELPid:SB2021081901

Trust: 0.6

db:CXSECURITYid:WLB-2021090010

Trust: 0.6

db:CNNVDid:CNNVD-202105-723

Trust: 0.6

db:VULMONid:CVE-2021-3490

Trust: 0.1

db:PACKETSTORMid:162549

Trust: 0.1

db:PACKETSTORMid:162550

Trust: 0.1

sources: ZDI: ZDI-21-606 // CNVD: CNVD-2021-54395 // VULMON: CVE-2021-3490 // JVNDB: JVNDB-2021-012328 // PACKETSTORM: 162548 // PACKETSTORM: 162549 // PACKETSTORM: 162550 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-723 // NVD: CVE-2021-3490

REFERENCES

url:https://www.openwall.com/lists/oss-security/2021/05/11/11

Trust: 3.1

url:https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=049c4e13714ecbca567b4d5f6d563f05d431c80e

Trust: 2.2

url:https://www.zerodayinitiative.com/advisories/zdi-21-606/

Trust: 2.2

url:http://packetstormsecurity.com/files/164015/linux-ebpf-alu32-32-bit-invalid-bounds-tracking-local-privilege-escalation.html

Trust: 2.2

url:https://ubuntu.com/security/notices/usn-4950-1

Trust: 1.7

url:https://ubuntu.com/security/notices/usn-4949-1

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20210716-0004/

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-3490

Trust: 1.1

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://vigilance.fr/vulnerability/linux-kernel-integer-overflow-via-ebpf-35395

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021081901

Trust: 0.6

url:https://device.harmonyos.com/cn/docs/security/update/security-bulletins-wearables-202111-0000001172568432

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2136

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2812

Trust: 0.6

url:https://packetstormsecurity.com/files/162548/ubuntu-security-notice-usn-4950-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1622

Trust: 0.6

url:https://cxsecurity.com/issue/wlb-2021090010

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2021-3490

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2291

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-3491

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-3489

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-29650

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-29266

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-29264

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-29646

Trust: 0.2

url:http://seclists.org/oss-sec/2021/q2/125

Trust: 0.1

url:https://security.archlinux.org/cve-2021-3490

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp/5.11.0-1007.7

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle/5.11.0-1006.6

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-kvm/5.11.0-1007.7

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-raspi/5.11.0-1008.8

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure/5.11.0-1005.5

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/5.11.0-17.18

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/5.11.0-1007.7

Trust: 0.1

url:https://launchpad.net/bugs/1927409

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25670

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-4948-1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-28971

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oem-5.10/5.10.0-1026.27

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-29657

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-28952

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-28688

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-29649

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3483

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-28951

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-29647

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-31916

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-28964

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-28972

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle/5.8.0-1029.30

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-raspi/5.8.0-1024.27

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-26930

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-kvm/5.8.0-1027.29

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-28375

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-hwe-5.8/5.8.0-53.60~20.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/5.8.0-53.60

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-26931

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp/5.8.0-1031.32

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25639

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-29265

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1032.34

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1033.35

Trust: 0.1

sources: ZDI: ZDI-21-606 // CNVD: CNVD-2021-54395 // VULMON: CVE-2021-3490 // JVNDB: JVNDB-2021-012328 // PACKETSTORM: 162548 // PACKETSTORM: 162549 // PACKETSTORM: 162550 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-723 // NVD: CVE-2021-3490

CREDITS

Ubuntu

Trust: 0.9

sources: PACKETSTORM: 162548 // PACKETSTORM: 162549 // PACKETSTORM: 162550 // CNNVD: CNNVD-202105-723

SOURCES

db:ZDIid:ZDI-21-606
db:CNVDid:CNVD-2021-54395
db:VULMONid:CVE-2021-3490
db:JVNDBid:JVNDB-2021-012328
db:PACKETSTORMid:162548
db:PACKETSTORMid:162549
db:PACKETSTORMid:162550
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202105-723
db:NVDid:CVE-2021-3490

LAST UPDATE DATE

2024-08-14T12:55:09.706000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-21-606date:2021-05-25T00:00:00
db:CNVDid:CNVD-2021-54395date:2021-07-24T00:00:00
db:JVNDBid:JVNDB-2021-012328date:2022-08-30T01:52:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202105-723date:2021-11-29T00:00:00
db:NVDid:CVE-2021-3490date:2021-09-14T14:31:03.317

SOURCES RELEASE DATE

db:ZDIid:ZDI-21-606date:2021-05-25T00:00:00
db:CNVDid:CNVD-2021-54395date:2021-07-23T00:00:00
db:JVNDBid:JVNDB-2021-012328date:2022-08-30T00:00:00
db:PACKETSTORMid:162548date:2021-05-12T13:52:34
db:PACKETSTORMid:162549date:2021-05-12T13:52:40
db:PACKETSTORMid:162550date:2021-05-12T13:52:46
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202105-723date:2021-05-11T00:00:00
db:NVDid:CVE-2021-3490date:2021-06-04T02:15:07.150