Details of VAR-202107-1361

ID

VAR-202107-1361

CVE

CVE-2021-33909

TITLE

Linux kernel Input validation error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202107-1534

DESCRIPTION

fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. CVE-2020-36311 A flaw was discovered in the KVM subsystem for AMD CPUs, allowing an attacker to cause a denial of service by triggering destruction of a large SEV VM. CVE-2021-3609 Norbert Slusarek reported a race condition vulnerability in the CAN BCM networking protocol, allowing a local attacker to escalate privileges. An unprivileged local attacker able to create, mount, and then delete a deep directory structure whose total path length exceeds 1GB, can take advantage of this flaw for privilege escalation. Details can be found in the Qualys advisory at https://www.qualys.com/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linux.txt CVE-2021-34693 Norbert Slusarek discovered an information leak in the CAN BCM networking protocol. A local attacker can take advantage of this flaw to obtain sensitive information from kernel stack memory. For the stable distribution (buster), these problems have been fixed in version 4.19.194-3. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmD2xvFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Tp/g//af2JkknfeqLs9FHFlqiYvIl1co4zEOW6e4BO8WAtvB3q5+scTNiFgN/W 66o9sDTi+Bnuhxja/lsZEkwM5QnrcPCSndUuY8EIOBDRdAla9R3xf4vUSYQ4KVb8 re3NmfzlkiLiGd6JRZXeV8+8stUjbLc6e0EG36S2HJ6hDs7pOA+vxcR/ui8yf15e p9egIKOqznhsNFHgrZRm4R1yqgNzfkFBWeSgfuFZGsFi9b2I3FJQKDTx0TXwxerB PKtvstJ1/xKbtK8m5IdntLOPeUPXuUlhoff4cN192IRNrPCcUXf7vRJoGg6A7WP2 dfvErldL8AsJHMBEs6YqEQSajFMoJX2590Bt8VK1xZwvhirSB7ZClk4+boh8OhlG apKj/OPIi3KGPt2s8t23zq3cU6aAFyTp6VQacuS+kR/2bdF0H3iQKcB5I4HFSSx9 BxK0ZpcZSw4axt35lfVhqnoeARb2GtUBqO77CWOOdtXcxDACD3VQ8PiqxxfpGS26 V/ASWmWzCeoGs+FQ5iRoN2JC5i9VcJX32r0fbNVvj7BG+ZQBe5XZ30eOalQLPs4/ SQnBoWuMnIpl/5+6FxkPXiqzkDGnkUm2ep2gXhdFrJmn/3ugpMiAPEuETo7Q2Lfj Ze6DKkHJPBK2BaKs1UgWPNvQBVQrcs0rKMLEf6LxS0eAJHlcCdo= =dhUe -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2021:2735-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2735 Issue date: 2021-07-20 CVE Names: CVE-2020-12362 CVE-2021-3347 CVE-2021-33909 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server (v. 6 ELS) - i386, noarch, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6 ELS) - i386, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909) * kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362) * kernel: Use after free via PI futex state (CVE-2021-3347) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1922249 - CVE-2021-3347 kernel: Use after free via PI futex state 1930246 - CVE-2020-12362 kernel: Integer overflow in Intel(R) Graphics Drivers 1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer 6. Package List: Red Hat Enterprise Linux Server (v. 6 ELS): Source: kernel-2.6.32-754.41.2.el6.src.rpm i386: kernel-2.6.32-754.41.2.el6.i686.rpm kernel-debug-2.6.32-754.41.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.41.2.el6.i686.rpm kernel-debug-devel-2.6.32-754.41.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.41.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.41.2.el6.i686.rpm kernel-devel-2.6.32-754.41.2.el6.i686.rpm kernel-headers-2.6.32-754.41.2.el6.i686.rpm perf-2.6.32-754.41.2.el6.i686.rpm perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-754.41.2.el6.noarch.rpm kernel-doc-2.6.32-754.41.2.el6.noarch.rpm kernel-firmware-2.6.32-754.41.2.el6.noarch.rpm s390x: kernel-2.6.32-754.41.2.el6.s390x.rpm kernel-debug-2.6.32-754.41.2.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-754.41.2.el6.s390x.rpm kernel-debug-devel-2.6.32-754.41.2.el6.s390x.rpm kernel-debuginfo-2.6.32-754.41.2.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-754.41.2.el6.s390x.rpm kernel-devel-2.6.32-754.41.2.el6.s390x.rpm kernel-headers-2.6.32-754.41.2.el6.s390x.rpm kernel-kdump-2.6.32-754.41.2.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-754.41.2.el6.s390x.rpm kernel-kdump-devel-2.6.32-754.41.2.el6.s390x.rpm perf-2.6.32-754.41.2.el6.s390x.rpm perf-debuginfo-2.6.32-754.41.2.el6.s390x.rpm python-perf-debuginfo-2.6.32-754.41.2.el6.s390x.rpm x86_64: kernel-2.6.32-754.41.2.el6.x86_64.rpm kernel-debug-2.6.32-754.41.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.41.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.41.2.el6.i686.rpm kernel-debug-devel-2.6.32-754.41.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.41.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.41.2.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.41.2.el6.x86_64.rpm kernel-devel-2.6.32-754.41.2.el6.x86_64.rpm kernel-headers-2.6.32-754.41.2.el6.x86_64.rpm perf-2.6.32-754.41.2.el6.x86_64.rpm perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm perf-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6 ELS): i386: kernel-debug-debuginfo-2.6.32-754.41.2.el6.i686.rpm kernel-debuginfo-2.6.32-754.41.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.41.2.el6.i686.rpm perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm python-perf-2.6.32-754.41.2.el6.i686.rpm python-perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm s390x: kernel-debug-debuginfo-2.6.32-754.41.2.el6.s390x.rpm kernel-debuginfo-2.6.32-754.41.2.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-754.41.2.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-754.41.2.el6.s390x.rpm perf-debuginfo-2.6.32-754.41.2.el6.s390x.rpm python-perf-2.6.32-754.41.2.el6.s390x.rpm python-perf-debuginfo-2.6.32-754.41.2.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.41.2.el6.x86_64.rpm perf-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm python-perf-2.6.32-754.41.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-12362 https://access.redhat.com/security/cve/CVE-2021-3347 https://access.redhat.com/security/cve/CVE-2021-33909 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2021-006 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYPc4YtzjgjWX9erEAQgIaA//UYu+fLneuZ2zgqYYAam/u9hDvf3bHK+6 gXrL3MWGN58w+npoNVJZAJ25ooUhUbvIE+YjHeU/wJIts7ctHmRLkRudgulnM8dv G6xTdD1UB5Qywd83jOTGO8wFx0q1QpRABVFfjiIrDoa4O9dwacYVTKWkxHBQO4Z2 IKXLje41BXYI3WDHU81EgwdiDlTDPOwDh/JQMOSmHap9fz++WgsJjvdvqyYIS6tT OkUBydCD5S+ZZ5p0YDXQK5Z/sgnFne/0bsJqAwpMtImkM1M8r1b7/Ryldy/gR/rb Er40G1kRYr7zo7MT+oF3Sn0rNaGuPbMGyJx/hREm/E9tJrH0CHoSmIKEWfx1u+Lu xtyjVTAqGsAEBzng+WFNozeKNr6t9fFmhxXXqnOj79zzjakRbcKCmTtGsDCoc0U5 gZZA8T7IEYiKzncDzSVEQvSvsw/pjTB5apUDj3vn7u/k8lFm57QDg8Bk+3Br7uWK 1KKrscvMWmvTXZqKRx5Dfp85cNIfZ3gt5pPedLW4UCGEktbIsnMKiCSDLVl+q6Pi F4FlPrVCYZmj/3zK8EfAnJxueI4WwNFmNiLyxi1wP7JQNvIFhQoD5gKezF8OfoEc 4U1migkGTZOtlrQvhC0vSjnCIyg00zzJJGruldkXR3GjLxJjIzWdIPBd+OIp5uGa /bKTbrpVGhQ=vVgJ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 7) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. ========================================================================= Ubuntu Security Notice USN-5016-1 July 20, 2021 linux, linux-aws, linux-aws-5.8, linux-azure, linux-azure-5.8, linux-gcp, linux-gcp-5.8, linux-hwe-5.8, linux-kvm, linux-oracle, linux-oracle-5.8, linux-raspi vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.10 - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-33909) Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23134) It was discovered that a race condition in the kernel Bluetooth subsystem could lead to use-after-free of slab objects. An attacker could use this issue to possibly execute arbitrary code. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33034) It was discovered that an out-of-bounds (OOB) memory access flaw existed in the f2fs module of the Linux kernel. A local attacker could use this issue to cause a denial of service (system crash). (CVE-2021-3506) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.10: linux-image-5.8.0-1032-raspi 5.8.0-1032.35 linux-image-5.8.0-1032-raspi-nolpae 5.8.0-1032.35 linux-image-5.8.0-1033-kvm 5.8.0-1033.36 linux-image-5.8.0-1037-oracle 5.8.0-1037.38 linux-image-5.8.0-1038-gcp 5.8.0-1038.40 linux-image-5.8.0-1039-azure 5.8.0-1039.42 linux-image-5.8.0-1041-aws 5.8.0-1041.43 linux-image-5.8.0-63-generic 5.8.0-63.71 linux-image-5.8.0-63-generic-64k 5.8.0-63.71 linux-image-5.8.0-63-generic-lpae 5.8.0-63.71 linux-image-5.8.0-63-lowlatency 5.8.0-63.71 linux-image-aws 5.8.0.1041.43 linux-image-azure 5.8.0.1039.40 linux-image-gcp 5.8.0.1038.38 linux-image-generic 5.8.0.63.69 linux-image-generic-64k 5.8.0.63.69 linux-image-generic-lpae 5.8.0.63.69 linux-image-gke 5.8.0.1038.38 linux-image-kvm 5.8.0.1033.36 linux-image-lowlatency 5.8.0.63.69 linux-image-oem-20.04 5.8.0.63.69 linux-image-oracle 5.8.0.1037.36 linux-image-raspi 5.8.0.1032.34 linux-image-raspi-nolpae 5.8.0.1032.34 linux-image-virtual 5.8.0.63.69 Ubuntu 20.04 LTS: linux-image-5.8.0-1037-oracle 5.8.0-1037.38~20.04.1 linux-image-5.8.0-1038-gcp 5.8.0-1038.40~20.04.1 linux-image-5.8.0-1039-azure 5.8.0-1039.42~20.04.1 linux-image-5.8.0-1041-aws 5.8.0-1041.43~20.04.1 linux-image-5.8.0-63-generic 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-generic-64k 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-generic-lpae 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-lowlatency 5.8.0-63.71~20.04.1 linux-image-aws 5.8.0.1041.43~20.04.13 linux-image-azure 5.8.0.1039.42~20.04.11 linux-image-gcp 5.8.0.1038.40~20.04.13 linux-image-generic-64k-hwe-20.04 5.8.0.63.71~20.04.45 linux-image-generic-hwe-20.04 5.8.0.63.71~20.04.45 linux-image-generic-lpae-hwe-20.04 5.8.0.63.71~20.04.45 linux-image-lowlatency-hwe-20.04 5.8.0.63.71~20.04.45 linux-image-oracle 5.8.0.1037.38~20.04.13 linux-image-virtual-hwe-20.04 5.8.0.63.71~20.04.45 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 7) - noarch, x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Bug Fix(es): * kernel-rt: update to the latest RHEL7.9.z7 source tree (BZ#1967333) 4. An attacker in a guest VM could use this to write to portions of the host’s physical memory. (CVE-2021-3653) Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host’s physical memory. (CVE-2021-22555) It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. If you are running a kernel version earlier than the one listed below, please upgrade your kernel as soon as possible

Trust: 1.71

sources: NVD: CVE-2021-33909 // VULMON: CVE-2021-33909 // PACKETSTORM: 169086 // PACKETSTORM: 163578 // PACKETSTORM: 163594 // PACKETSTORM: 163597 // PACKETSTORM: 163602 // PACKETSTORM: 163603 // PACKETSTORM: 163607 // PACKETSTORM: 164155

AFFECTED PRODUCTS

vendor:	linux	model:	kernel	scope:	gte	version:	4.20	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	5.5	Trust: 1.0
vendor:	oracle	model:	communications session border controller	scope:	eq	version:	9.0	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	4.5	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	34	Trust: 1.0
vendor:	netapp	model:	solidfire	scope:	eq	version:	-	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	3.16	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	4.10	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	oracle	model:	communications session border controller	scope:	eq	version:	8.4	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	3.12.43	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	4.9.276	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	4.14.240	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.4.134	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	5.11	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	5.13	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.12.19	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.13.4	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	4.4.276	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	4.15	Trust: 1.0
vendor:	netapp	model:	hci management node	scope:	eq	version:	-	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	3.13	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.10.52	Trust: 1.0
vendor:	oracle	model:	communications session border controller	scope:	eq	version:	8.3	Trust: 1.0
vendor:	oracle	model:	communications session border controller	scope:	eq	version:	8.2	Trust: 1.0
vendor:	sonicwall	model:	sma1000	scope:	lte	version:	12.4.2-02044	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	4.19.198	Trust: 1.0

sources: NVD: CVE-2021-33909

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-33909
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-202107-1534
value:	HIGH
Trust: 0.6
VULMON:	CVE-2021-33909
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-33909
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1

nvd@nist.gov:	CVE-2021-33909
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: VULMON: CVE-2021-33909 // CNNVD: CNNVD-202107-1534 // NVD: CVE-2021-33909

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.0
problemtype:	CWE-190	Trust: 1.0

sources: NVD: CVE-2021-33909

THREAT TYPE

local

Trust: 0.7

sources: PACKETSTORM: 163597 // CNNVD: CNNVD-202107-1534

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202107-1534

PATCH

title:	Linux kernel Enter the fix for the verification error vulnerability	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=157416	Trust: 0.6
title:	Amazon Linux AMI: ALAS-2021-1524	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2021-1524	Trust: 0.1
title:	Debian Security Advisories: DSA-4941-1 linux -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=fb9b5f5cc430f484f4420a11b7b87136	Trust: 0.1
title:	Amazon Linux 2: ALAS2LIVEPATCH-2021-055	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-055	Trust: 0.1
title:	Amazon Linux 2: ALAS2KERNEL-5.10-2022-003	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2KERNEL-5.10-2022-003	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2021-1691	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1691	Trust: 0.1
title:	Amazon Linux 2: ALAS2LIVEPATCH-2021-057	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-057	Trust: 0.1
title:	Amazon Linux 2: ALAS2LIVEPATCH-2021-056	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-056	Trust: 0.1
title:	Arch Linux Advisories: [ASA-202107-48] linux: privilege escalation	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-48	Trust: 0.1
title:	Arch Linux Advisories: [ASA-202107-50] linux-hardened: privilege escalation	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-50	Trust: 0.1
title:	Amazon Linux 2: ALAS2KERNEL-5.4-2022-005	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2KERNEL-5.4-2022-005	Trust: 0.1
title:	Amazon Linux 2: ALAS2LIVEPATCH-2021-058	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-058	Trust: 0.1
title:	Amazon Linux 2: ALAS2LIVEPATCH-2021-059	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-059	Trust: 0.1
title:	Arch Linux Advisories: [ASA-202107-49] linux-zen: privilege escalation	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-49	Trust: 0.1
title:	Arch Linux Advisories: [ASA-202107-51] linux-lts: privilege escalation	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-51	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-33909 log	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d	Trust: 0.1
title:	LinuxVulnerabilities	url:	https://github.com/gitezri/LinuxVulnerabilities	Trust: 0.1
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2021-33909	Trust: 0.1
title:	CVE-2021-33909	url:	https://github.com/AmIAHuman/CVE-2021-33909	Trust: 0.1
title:	CVE-2021-33909	url:	https://github.com/Liang2580/CVE-2021-33909	Trust: 0.1
title:	cve-2021-33909	url:	https://github.com/baerwolf/cve-2021-33909	Trust: 0.1
title:	CVE-2021-33909	url:	https://github.com/bbinfosec43/CVE-2021-33909	Trust: 0.1
title:	deep-directory	url:	https://github.com/sfowl/deep-directory	Trust: 0.1
title:	integer_compilation_flags	url:	https://github.com/mdulin2/integer_compilation_flags	Trust: 0.1
title:	CVE-2021-33909	url:	https://github.com/AlAIAL90/CVE-2021-33909	Trust: 0.1
title:	CVE-2021-33909	url:	https://github.com/ChrisTheCoolHut/CVE-2021-33909	Trust: 0.1
title:	-	url:	https://github.com/knewbury01/codeql-workshop-integer-conversion	Trust: 0.1
title:	kickstart-rhel8	url:	https://github.com/alexhaydock/kickstart-rhel8	Trust: 0.1
title:	exploit_articles	url:	https://github.com/ChoKyuWon/exploit_articles	Trust: 0.1
title:	-	url:	https://github.com/hardenedvault/ved	Trust: 0.1
title:	SVG-advisories	url:	https://github.com/EGI-Federation/SVG-advisories	Trust: 0.1
title:	-	url:	https://github.com/makoto56/penetration-suite-toolkit	Trust: 0.1

sources: VULMON: CVE-2021-33909 // CNNVD: CNNVD-202107-1534

EXTERNAL IDS

db:	NVD	id:	CVE-2021-33909	Trust: 2.5
db:	PACKETSTORM	id:	164155	Trust: 1.7
db:	OPENWALL	id:	OSS-SECURITY/2021/09/21/1	Trust: 1.6
db:	OPENWALL	id:	OSS-SECURITY/2021/07/20/1	Trust: 1.6
db:	OPENWALL	id:	OSS-SECURITY/2021/09/17/4	Trust: 1.6
db:	OPENWALL	id:	OSS-SECURITY/2021/07/22/7	Trust: 1.6
db:	OPENWALL	id:	OSS-SECURITY/2021/09/17/2	Trust: 1.6
db:	OPENWALL	id:	OSS-SECURITY/2021/08/25/10	Trust: 1.6
db:	PACKETSTORM	id:	165477	Trust: 1.6
db:	PACKETSTORM	id:	163621	Trust: 1.6
db:	PACKETSTORM	id:	163671	Trust: 1.6
db:	PACKETSTORM	id:	163568	Trust: 0.6
db:	PACKETSTORM	id:	163634	Trust: 0.6
db:	PACKETSTORM	id:	163577	Trust: 0.6
db:	PACKETSTORM	id:	163682	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.0060	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.3346	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3796	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2589	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3070	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2547	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2461	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2453	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2749	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2543	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2597	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2583	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2444	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2657	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2691	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2532	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.4089	Trust: 0.6
db:	CS-HELP	id:	SB2021072222	Trust: 0.6
db:	CS-HELP	id:	SB2021122404	Trust: 0.6
db:	CS-HELP	id:	SB2021072291	Trust: 0.6
db:	CS-HELP	id:	SB2021080304	Trust: 0.6
db:	CS-HELP	id:	SB2021072623	Trust: 0.6
db:	CS-HELP	id:	SB2022012748	Trust: 0.6
db:	CNNVD	id:	CNNVD-202107-1534	Trust: 0.6
db:	VULMON	id:	CVE-2021-33909	Trust: 0.1
db:	PACKETSTORM	id:	169086	Trust: 0.1
db:	PACKETSTORM	id:	163578	Trust: 0.1
db:	PACKETSTORM	id:	163594	Trust: 0.1
db:	PACKETSTORM	id:	163597	Trust: 0.1
db:	PACKETSTORM	id:	163602	Trust: 0.1
db:	PACKETSTORM	id:	163603	Trust: 0.1
db:	PACKETSTORM	id:	163607	Trust: 0.1

sources: VULMON: CVE-2021-33909 // PACKETSTORM: 169086 // PACKETSTORM: 163578 // PACKETSTORM: 163594 // PACKETSTORM: 163597 // PACKETSTORM: 163602 // PACKETSTORM: 163603 // PACKETSTORM: 163607 // PACKETSTORM: 164155 // CNNVD: CNNVD-202107-1534 // NVD: CVE-2021-33909

REFERENCES

url:	http://packetstormsecurity.com/files/165477/kernel-live-patch-security-notice-lsn-0083-1.html	Trust: 2.2
url:	http://packetstormsecurity.com/files/163671/kernel-live-patch-security-notice-lsn-0079-1.html	Trust: 2.2
url:	http://packetstormsecurity.com/files/164155/kernel-live-patch-security-notice-lsn-0081-1.html	Trust: 2.2
url:	https://github.com/torvalds/linux/commit/8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b	Trust: 1.6
url:	http://www.openwall.com/lists/oss-security/2021/09/17/2	Trust: 1.6
url:	https://lists.debian.org/debian-lts-announce/2021/07/msg00015.html	Trust: 1.6
url:	http://www.openwall.com/lists/oss-security/2021/09/17/4	Trust: 1.6
url:	https://www.oracle.com/security-alerts/cpujan2022.html	Trust: 1.6
url:	http://www.openwall.com/lists/oss-security/2021/08/25/10	Trust: 1.6
url:	https://lists.debian.org/debian-lts-announce/2021/07/msg00014.html	Trust: 1.6
url:	https://www.openwall.com/lists/oss-security/2021/07/20/1	Trust: 1.6
url:	http://www.openwall.com/lists/oss-security/2021/09/21/1	Trust: 1.6
url:	http://www.openwall.com/lists/oss-security/2021/07/22/7	Trust: 1.6
url:	http://packetstormsecurity.com/files/163621/sequoia-a-deep-root-in-linuxs-filesystem-layer.html	Trust: 1.6
url:	https://lists.debian.org/debian-lts-announce/2021/07/msg00016.html	Trust: 1.6
url:	https://www.debian.org/security/2021/dsa-4941	Trust: 1.6
url:	https://psirt.global.sonicwall.com/vuln-detail/snwlid-2022-0015	Trust: 1.6
url:	https://security.netapp.com/advisory/ntap-20210819-0004/	Trust: 1.6
url:	https://cdn.kernel.org/pub/linux/kernel/v5.x/changelog-5.13.4	Trust: 1.6
url:	https://access.redhat.com/security/cve/cve-2021-33909	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/z4uhhigiso3fvrf4cqnjs4ika25atsfu/	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33909	Trust: 0.8
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/z4uhhigiso3fvrf4cqnjs4ika25atsfu/	Trust: 0.6
url:	https://packetstormsecurity.com/files/163634/red-hat-security-advisory-2021-2736-01.html	Trust: 0.6
url:	https://device.harmonyos.com/cn/docs/security/update/security-bulletins-visions-202110-0000001162597918	Trust: 0.6
url:	https://vigilance.fr/vulnerability/linux-kernel-integer-overflow-via-seq-set-overflow-35938	Trust: 0.6
url:	https://packetstormsecurity.com/files/163577/red-hat-security-advisory-2021-2733-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021080304	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021072623	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2657	Trust: 0.6
url:	https://source.android.com/security/bulletin/2021-12-01	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.0060	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021072222	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6490825	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2583	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2461	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2444	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2543	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.4089	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3796	Trust: 0.6
url:	https://packetstormsecurity.com/files/163568/red-hat-security-advisory-2021-2734-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3070	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3346	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021072291	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2547	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2589	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2749	Trust: 0.6
url:	https://packetstormsecurity.com/files/163682/red-hat-security-advisory-2021-2763-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2691	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2532	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6525250	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2597	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022012748	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2453	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021122404	Trust: 0.6
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.5
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.5
url:	https://access.redhat.com/articles/11258	Trust: 0.5
url:	https://access.redhat.com/security/team/key/	Trust: 0.5
url:	https://access.redhat.com/security/vulnerabilities/rhsb-2021-006	Trust: 0.5
url:	https://bugzilla.redhat.com/):	Trust: 0.5
url:	https://access.redhat.com/security/team/contact/	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33034	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2021-33034	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32399	Trust: 0.2
url:	https://security-tracker.debian.org/tracker/linux	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-34693	Trust: 0.1
url:	https://www.debian.org/security/faq	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-36311	Trust: 0.1
url:	https://www.debian.org/security/	Trust: 0.1
url:	https://www.qualys.com/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linux.txt	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3609	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2735	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12362	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3347	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12362	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3347	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2727	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-hwe-5.8/5.8.0-63.71~20.04.1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-23134	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1041.43	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp/5.8.0-1038.40	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-5016-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws-5.8/5.8.0-1041.43~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/5.8.0-63.71	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle-5.8/5.8.0-1037.38~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1039.42	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi/5.8.0-1032.35	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3506	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle/5.8.0-1037.38	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure-5.8/5.8.0-1039.42~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/5.8.0-1033.36	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp-5.8/5.8.0-1038.40~20.04.1	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2720	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-32399	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2716	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2726	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20934	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33033	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-11668	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20934	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-11668	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33033	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22555	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3653	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3656	Trust: 0.1
url:	https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce	Trust: 0.1

sources: PACKETSTORM: 169086 // PACKETSTORM: 163578 // PACKETSTORM: 163594 // PACKETSTORM: 163597 // PACKETSTORM: 163602 // PACKETSTORM: 163603 // PACKETSTORM: 163607 // PACKETSTORM: 164155 // CNNVD: CNNVD-202107-1534 // NVD: CVE-2021-33909

CREDITS

Red Hat

Trust: 0.5

sources: PACKETSTORM: 163578 // PACKETSTORM: 163594 // PACKETSTORM: 163602 // PACKETSTORM: 163603 // PACKETSTORM: 163607

SOURCES

db:	VULMON	id:	CVE-2021-33909
db:	PACKETSTORM	id:	169086
db:	PACKETSTORM	id:	163578
db:	PACKETSTORM	id:	163594
db:	PACKETSTORM	id:	163597
db:	PACKETSTORM	id:	163602
db:	PACKETSTORM	id:	163603
db:	PACKETSTORM	id:	163607
db:	PACKETSTORM	id:	164155
db:	CNNVD	id:	CNNVD-202107-1534
db:	NVD	id:	CVE-2021-33909

LAST UPDATE DATE

2026-03-23T23:20:49.415000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2021-33909	date:	2023-11-07T00:00:00
db:	CNNVD	id:	CNNVD-202107-1534	date:	2022-12-12T00:00:00
db:	NVD	id:	CVE-2021-33909	date:	2023-11-07T03:35:56.050

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2021-33909	date:	2021-07-20T00:00:00
db:	PACKETSTORM	id:	169086	date:	2021-07-28T19:12:00
db:	PACKETSTORM	id:	163578	date:	2021-07-21T16:02:03
db:	PACKETSTORM	id:	163594	date:	2021-07-21T16:04:11
db:	PACKETSTORM	id:	163597	date:	2021-07-21T16:04:29
db:	PACKETSTORM	id:	163602	date:	2021-07-21T16:05:06
db:	PACKETSTORM	id:	163603	date:	2021-07-21T16:05:14
db:	PACKETSTORM	id:	163607	date:	2021-07-21T16:05:44
db:	PACKETSTORM	id:	164155	date:	2021-09-14T16:28:49
db:	CNNVD	id:	CNNVD-202107-1534	date:	2021-07-20T00:00:00
db:	NVD	id:	CVE-2021-33909	date:	2021-07-20T19:15:09.747