Details of VAR-202107-1361

ID

VAR-202107-1361

CVE

CVE-2021-33909

TITLE

Linux kernel Input validation error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202107-1534

DESCRIPTION

fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. 6 ELS) - i386, s390x, x86_64 3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2021:2730-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2730 Issue date: 2021-07-20 CVE Names: CVE-2021-3347 CVE-2021-33034 CVE-2021-33909 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.6) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.6) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.6) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.6) - noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909) * kernel: Use after free via PI futex state (CVE-2021-3347) * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [CKI kernel builds]: x86 binaries in non-x86 kernel rpms breaks systemtap [7.9.z] (BZ#1975159) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1922249 - CVE-2021-3347 kernel: Use after free via PI futex state 1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan 1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.6): Source: kernel-3.10.0-957.78.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm kernel-doc-3.10.0-957.78.2.el7.noarch.rpm x86_64: bpftool-3.10.0-957.78.2.el7.x86_64.rpm kernel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-headers-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm perf-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.6): Source: kernel-3.10.0-957.78.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm kernel-doc-3.10.0-957.78.2.el7.noarch.rpm ppc64le: kernel-3.10.0-957.78.2.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debug-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-957.78.2.el7.ppc64le.rpm kernel-devel-3.10.0-957.78.2.el7.ppc64le.rpm kernel-headers-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-libs-3.10.0-957.78.2.el7.ppc64le.rpm perf-3.10.0-957.78.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm python-perf-3.10.0-957.78.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm x86_64: kernel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-headers-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm perf-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.6): Source: kernel-3.10.0-957.78.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm kernel-doc-3.10.0-957.78.2.el7.noarch.rpm x86_64: bpftool-3.10.0-957.78.2.el7.x86_64.rpm kernel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-headers-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm perf-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 7.6): x86_64: kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional E4S (v. 7.6): ppc64le: kernel-debug-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debug-devel-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-957.78.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm x86_64: kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 7.6): x86_64: kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-3347 https://access.redhat.com/security/cve/CVE-2021-33034 https://access.redhat.com/security/cve/CVE-2021-33909 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2021-006 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYPc/p9zjgjWX9erEAQiGYQ/6Apfv6Vn+s1cJsOrv5bpIB+TZWR8Dw4w6 7q5tqmrA0W38qvq7EWqVwAZMtmF2YXIcuP8i8zELAPG/Y1oMax3Piy5nxc4OR55i 8H9pc0lGZn9UJtryWMPaJRqvWGF1WhE/vGPUkHhI3CmoSVDN3B3OqfC04oeVa/Gt f9wikugrLvXoD+YsJk1LAn0tJ+xGrcbMRvwxvvtvwRsje2cGPU6OAEWQr1ZKyNZc Fwi6jLUve8d3wxE6+C6IocTYMcZcw2e2U4KOwE/ONXjjNgbwV+deQU16HJk4BjcA rDqtVUWzNGXzONh6Ua4yEisVe8LdhPNoZaciNx56lKpOs8Vbv58w29edfR1zf0fW c1gH+0S19jDSwsESNSKJth5A/GY0zxsUeh5qDjoFUF1AH6IuZNmPb3VGcl5klKuo outLUo2jeIRiBiZaNSVe32nbWCEkAoFF5WrvfHYmi+i9U45gLvUG2N58ZtOQiQkb potW9xF7f15Mm1Xm9TOIaNy+ykh7TJRxKnQSaAk/jnzTLp3XeVNmPTztx7zA4Z50 bgM/MQWB9j7NMjwEopdbS4lxJsvaXerwXPT+1WDAzBZ5clOKyB5hTxTTBOrsErzs O+wKRVu9eU4FMR6ULeL+pLCZPm0eVlu9jBuySEUI05/FkAVu/YUDrgXvMiy6XknI ziN+XVubHjk=1ifB -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 7) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. ========================================================================= Ubuntu Security Notice USN-5016-1 July 20, 2021 linux, linux-aws, linux-aws-5.8, linux-azure, linux-azure-5.8, linux-gcp, linux-gcp-5.8, linux-hwe-5.8, linux-kvm, linux-oracle, linux-oracle-5.8, linux-raspi vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.10 - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-33909) Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23134) It was discovered that a race condition in the kernel Bluetooth subsystem could lead to use-after-free of slab objects. An attacker could use this issue to possibly execute arbitrary code. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33034) It was discovered that an out-of-bounds (OOB) memory access flaw existed in the f2fs module of the Linux kernel. A local attacker could use this issue to cause a denial of service (system crash). (CVE-2021-3506) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.10: linux-image-5.8.0-1032-raspi 5.8.0-1032.35 linux-image-5.8.0-1032-raspi-nolpae 5.8.0-1032.35 linux-image-5.8.0-1033-kvm 5.8.0-1033.36 linux-image-5.8.0-1037-oracle 5.8.0-1037.38 linux-image-5.8.0-1038-gcp 5.8.0-1038.40 linux-image-5.8.0-1039-azure 5.8.0-1039.42 linux-image-5.8.0-1041-aws 5.8.0-1041.43 linux-image-5.8.0-63-generic 5.8.0-63.71 linux-image-5.8.0-63-generic-64k 5.8.0-63.71 linux-image-5.8.0-63-generic-lpae 5.8.0-63.71 linux-image-5.8.0-63-lowlatency 5.8.0-63.71 linux-image-aws 5.8.0.1041.43 linux-image-azure 5.8.0.1039.40 linux-image-gcp 5.8.0.1038.38 linux-image-generic 5.8.0.63.69 linux-image-generic-64k 5.8.0.63.69 linux-image-generic-lpae 5.8.0.63.69 linux-image-gke 5.8.0.1038.38 linux-image-kvm 5.8.0.1033.36 linux-image-lowlatency 5.8.0.63.69 linux-image-oem-20.04 5.8.0.63.69 linux-image-oracle 5.8.0.1037.36 linux-image-raspi 5.8.0.1032.34 linux-image-raspi-nolpae 5.8.0.1032.34 linux-image-virtual 5.8.0.63.69 Ubuntu 20.04 LTS: linux-image-5.8.0-1037-oracle 5.8.0-1037.38~20.04.1 linux-image-5.8.0-1038-gcp 5.8.0-1038.40~20.04.1 linux-image-5.8.0-1039-azure 5.8.0-1039.42~20.04.1 linux-image-5.8.0-1041-aws 5.8.0-1041.43~20.04.1 linux-image-5.8.0-63-generic 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-generic-64k 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-generic-lpae 5.8.0-63.71~20.04.1 linux-image-5.8.0-63-lowlatency 5.8.0-63.71~20.04.1 linux-image-aws 5.8.0.1041.43~20.04.13 linux-image-azure 5.8.0.1039.42~20.04.11 linux-image-gcp 5.8.0.1038.40~20.04.13 linux-image-generic-64k-hwe-20.04 5.8.0.63.71~20.04.45 linux-image-generic-hwe-20.04 5.8.0.63.71~20.04.45 linux-image-generic-lpae-hwe-20.04 5.8.0.63.71~20.04.45 linux-image-lowlatency-hwe-20.04 5.8.0.63.71~20.04.45 linux-image-oracle 5.8.0.1037.38~20.04.13 linux-image-virtual-hwe-20.04 5.8.0.63.71~20.04.45 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Bug Fix(es): * kernel-rt: update to the latest RHEL7.9.z7 source tree (BZ#1967333) 4. An attacker in a guest VM could use this to write to portions of the host’s physical memory. (CVE-2021-3653) Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host’s physical memory. (CVE-2021-22555) It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. If you are running a kernel version earlier than the one listed below, please upgrade your kernel as soon as possible

Trust: 1.71

sources: NVD: CVE-2021-33909 // VULMON: CVE-2021-33909 // PACKETSTORM: 163578 // PACKETSTORM: 163583 // PACKETSTORM: 163594 // PACKETSTORM: 163597 // PACKETSTORM: 163602 // PACKETSTORM: 163603 // PACKETSTORM: 163607 // PACKETSTORM: 164155

AFFECTED PRODUCTS

vendor:	linux	model:	kernel	scope:	gte	version:	4.20	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	5.5	Trust: 1.0
vendor:	oracle	model:	communications session border controller	scope:	eq	version:	9.0	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	4.5	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	34	Trust: 1.0
vendor:	netapp	model:	solidfire	scope:	eq	version:	-	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	3.16	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	4.10	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	oracle	model:	communications session border controller	scope:	eq	version:	8.4	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	3.12.43	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	4.9.276	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	4.14.240	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.4.134	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	5.11	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	5.13	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.12.19	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.13.4	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	4.4.276	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	4.15	Trust: 1.0
vendor:	netapp	model:	hci management node	scope:	eq	version:	-	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	3.13	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.10.52	Trust: 1.0
vendor:	oracle	model:	communications session border controller	scope:	eq	version:	8.3	Trust: 1.0
vendor:	oracle	model:	communications session border controller	scope:	eq	version:	8.2	Trust: 1.0
vendor:	sonicwall	model:	sma1000	scope:	lte	version:	12.4.2-02044	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	4.19.198	Trust: 1.0

sources: NVD: CVE-2021-33909

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-33909
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-202107-1534
value:	HIGH
Trust: 0.6
VULMON:	CVE-2021-33909
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-33909
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1

nvd@nist.gov:	CVE-2021-33909
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: VULMON: CVE-2021-33909 // CNNVD: CNNVD-202107-1534 // NVD: CVE-2021-33909

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.0
problemtype:	CWE-190	Trust: 1.0

sources: NVD: CVE-2021-33909

THREAT TYPE

local

Trust: 0.7

sources: PACKETSTORM: 163597 // CNNVD: CNNVD-202107-1534

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202107-1534

PATCH

title:	Linux kernel Enter the fix for the verification error vulnerability	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=157416	Trust: 0.6
title:	Amazon Linux AMI: ALAS-2021-1524	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2021-1524	Trust: 0.1
title:	Debian Security Advisories: DSA-4941-1 linux -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=fb9b5f5cc430f484f4420a11b7b87136	Trust: 0.1
title:	Amazon Linux 2: ALAS2LIVEPATCH-2021-055	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-055	Trust: 0.1
title:	Amazon Linux 2: ALAS2KERNEL-5.10-2022-003	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2KERNEL-5.10-2022-003	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2021-1691	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1691	Trust: 0.1
title:	Amazon Linux 2: ALAS2LIVEPATCH-2021-057	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-057	Trust: 0.1
title:	Amazon Linux 2: ALAS2LIVEPATCH-2021-056	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-056	Trust: 0.1
title:	Arch Linux Advisories: [ASA-202107-48] linux: privilege escalation	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-48	Trust: 0.1
title:	Arch Linux Advisories: [ASA-202107-50] linux-hardened: privilege escalation	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-50	Trust: 0.1
title:	Amazon Linux 2: ALAS2KERNEL-5.4-2022-005	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2KERNEL-5.4-2022-005	Trust: 0.1
title:	Amazon Linux 2: ALAS2LIVEPATCH-2021-058	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-058	Trust: 0.1
title:	Amazon Linux 2: ALAS2LIVEPATCH-2021-059	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-059	Trust: 0.1
title:	Arch Linux Advisories: [ASA-202107-49] linux-zen: privilege escalation	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-49	Trust: 0.1
title:	Arch Linux Advisories: [ASA-202107-51] linux-lts: privilege escalation	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202107-51	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-33909 log	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d	Trust: 0.1
title:	LinuxVulnerabilities	url:	https://github.com/gitezri/LinuxVulnerabilities	Trust: 0.1
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2021-33909	Trust: 0.1
title:	CVE-2021-33909	url:	https://github.com/AmIAHuman/CVE-2021-33909	Trust: 0.1
title:	CVE-2021-33909	url:	https://github.com/Liang2580/CVE-2021-33909	Trust: 0.1
title:	cve-2021-33909	url:	https://github.com/baerwolf/cve-2021-33909	Trust: 0.1
title:	CVE-2021-33909	url:	https://github.com/bbinfosec43/CVE-2021-33909	Trust: 0.1
title:	deep-directory	url:	https://github.com/sfowl/deep-directory	Trust: 0.1
title:	integer_compilation_flags	url:	https://github.com/mdulin2/integer_compilation_flags	Trust: 0.1
title:	CVE-2021-33909	url:	https://github.com/AlAIAL90/CVE-2021-33909	Trust: 0.1
title:	CVE-2021-33909	url:	https://github.com/ChrisTheCoolHut/CVE-2021-33909	Trust: 0.1
title:	-	url:	https://github.com/knewbury01/codeql-workshop-integer-conversion	Trust: 0.1
title:	kickstart-rhel8	url:	https://github.com/alexhaydock/kickstart-rhel8	Trust: 0.1
title:	exploit_articles	url:	https://github.com/ChoKyuWon/exploit_articles	Trust: 0.1
title:	-	url:	https://github.com/hardenedvault/ved	Trust: 0.1
title:	SVG-advisories	url:	https://github.com/EGI-Federation/SVG-advisories	Trust: 0.1
title:	-	url:	https://github.com/makoto56/penetration-suite-toolkit	Trust: 0.1

sources: VULMON: CVE-2021-33909 // CNNVD: CNNVD-202107-1534

EXTERNAL IDS

db:	NVD	id:	CVE-2021-33909	Trust: 2.5
db:	PACKETSTORM	id:	164155	Trust: 1.7
db:	OPENWALL	id:	OSS-SECURITY/2021/09/21/1	Trust: 1.6
db:	OPENWALL	id:	OSS-SECURITY/2021/07/20/1	Trust: 1.6
db:	OPENWALL	id:	OSS-SECURITY/2021/09/17/4	Trust: 1.6
db:	OPENWALL	id:	OSS-SECURITY/2021/07/22/7	Trust: 1.6
db:	OPENWALL	id:	OSS-SECURITY/2021/09/17/2	Trust: 1.6
db:	OPENWALL	id:	OSS-SECURITY/2021/08/25/10	Trust: 1.6
db:	PACKETSTORM	id:	165477	Trust: 1.6
db:	PACKETSTORM	id:	163621	Trust: 1.6
db:	PACKETSTORM	id:	163671	Trust: 1.6
db:	PACKETSTORM	id:	163568	Trust: 0.6
db:	PACKETSTORM	id:	163634	Trust: 0.6
db:	PACKETSTORM	id:	163577	Trust: 0.6
db:	PACKETSTORM	id:	163682	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.0060	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.3346	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3796	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2589	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3070	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2547	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2461	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2453	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2749	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2543	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2597	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2583	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2444	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2657	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2691	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2532	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.4089	Trust: 0.6
db:	CS-HELP	id:	SB2021072222	Trust: 0.6
db:	CS-HELP	id:	SB2021122404	Trust: 0.6
db:	CS-HELP	id:	SB2021072291	Trust: 0.6
db:	CS-HELP	id:	SB2021080304	Trust: 0.6
db:	CS-HELP	id:	SB2021072623	Trust: 0.6
db:	CS-HELP	id:	SB2022012748	Trust: 0.6
db:	CNNVD	id:	CNNVD-202107-1534	Trust: 0.6
db:	VULMON	id:	CVE-2021-33909	Trust: 0.1
db:	PACKETSTORM	id:	163578	Trust: 0.1
db:	PACKETSTORM	id:	163583	Trust: 0.1
db:	PACKETSTORM	id:	163594	Trust: 0.1
db:	PACKETSTORM	id:	163597	Trust: 0.1
db:	PACKETSTORM	id:	163602	Trust: 0.1
db:	PACKETSTORM	id:	163603	Trust: 0.1
db:	PACKETSTORM	id:	163607	Trust: 0.1

sources: VULMON: CVE-2021-33909 // PACKETSTORM: 163578 // PACKETSTORM: 163583 // PACKETSTORM: 163594 // PACKETSTORM: 163597 // PACKETSTORM: 163602 // PACKETSTORM: 163603 // PACKETSTORM: 163607 // PACKETSTORM: 164155 // CNNVD: CNNVD-202107-1534 // NVD: CVE-2021-33909

REFERENCES

url:	http://packetstormsecurity.com/files/165477/kernel-live-patch-security-notice-lsn-0083-1.html	Trust: 2.2
url:	http://packetstormsecurity.com/files/163671/kernel-live-patch-security-notice-lsn-0079-1.html	Trust: 2.2
url:	http://packetstormsecurity.com/files/164155/kernel-live-patch-security-notice-lsn-0081-1.html	Trust: 2.2
url:	https://github.com/torvalds/linux/commit/8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b	Trust: 1.6
url:	http://www.openwall.com/lists/oss-security/2021/09/17/2	Trust: 1.6
url:	https://lists.debian.org/debian-lts-announce/2021/07/msg00015.html	Trust: 1.6
url:	http://www.openwall.com/lists/oss-security/2021/09/17/4	Trust: 1.6
url:	https://www.oracle.com/security-alerts/cpujan2022.html	Trust: 1.6
url:	http://www.openwall.com/lists/oss-security/2021/08/25/10	Trust: 1.6
url:	https://lists.debian.org/debian-lts-announce/2021/07/msg00014.html	Trust: 1.6
url:	https://www.openwall.com/lists/oss-security/2021/07/20/1	Trust: 1.6
url:	http://www.openwall.com/lists/oss-security/2021/09/21/1	Trust: 1.6
url:	http://www.openwall.com/lists/oss-security/2021/07/22/7	Trust: 1.6
url:	http://packetstormsecurity.com/files/163621/sequoia-a-deep-root-in-linuxs-filesystem-layer.html	Trust: 1.6
url:	https://lists.debian.org/debian-lts-announce/2021/07/msg00016.html	Trust: 1.6
url:	https://www.debian.org/security/2021/dsa-4941	Trust: 1.6
url:	https://psirt.global.sonicwall.com/vuln-detail/snwlid-2022-0015	Trust: 1.6
url:	https://security.netapp.com/advisory/ntap-20210819-0004/	Trust: 1.6
url:	https://cdn.kernel.org/pub/linux/kernel/v5.x/changelog-5.13.4	Trust: 1.6
url:	https://access.redhat.com/security/cve/cve-2021-33909	Trust: 1.2
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/z4uhhigiso3fvrf4cqnjs4ika25atsfu/	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33909	Trust: 0.8
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.6
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.6
url:	https://access.redhat.com/articles/11258	Trust: 0.6
url:	https://access.redhat.com/security/team/key/	Trust: 0.6
url:	https://access.redhat.com/security/vulnerabilities/rhsb-2021-006	Trust: 0.6
url:	https://bugzilla.redhat.com/):	Trust: 0.6
url:	https://access.redhat.com/security/team/contact/	Trust: 0.6
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/z4uhhigiso3fvrf4cqnjs4ika25atsfu/	Trust: 0.6
url:	https://packetstormsecurity.com/files/163634/red-hat-security-advisory-2021-2736-01.html	Trust: 0.6
url:	https://device.harmonyos.com/cn/docs/security/update/security-bulletins-visions-202110-0000001162597918	Trust: 0.6
url:	https://vigilance.fr/vulnerability/linux-kernel-integer-overflow-via-seq-set-overflow-35938	Trust: 0.6
url:	https://packetstormsecurity.com/files/163577/red-hat-security-advisory-2021-2733-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021080304	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021072623	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2657	Trust: 0.6
url:	https://source.android.com/security/bulletin/2021-12-01	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.0060	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021072222	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6490825	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2583	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2461	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2444	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2543	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.4089	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3796	Trust: 0.6
url:	https://packetstormsecurity.com/files/163568/red-hat-security-advisory-2021-2734-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3070	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3346	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021072291	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2547	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2589	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2749	Trust: 0.6
url:	https://packetstormsecurity.com/files/163682/red-hat-security-advisory-2021-2763-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2691	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2532	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6525250	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2597	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022012748	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2453	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021122404	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33034	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2021-33034	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2021-3347	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3347	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32399	Trust: 0.2
url:	https://access.redhat.com/errata/rhsa-2021:2735	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12362	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12362	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2730	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2727	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-hwe-5.8/5.8.0-63.71~20.04.1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-23134	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1041.43	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp/5.8.0-1038.40	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-5016-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws-5.8/5.8.0-1041.43~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/5.8.0-63.71	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle-5.8/5.8.0-1037.38~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1039.42	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi/5.8.0-1032.35	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3506	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle/5.8.0-1037.38	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure-5.8/5.8.0-1039.42~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/5.8.0-1033.36	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp-5.8/5.8.0-1038.40~20.04.1	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2720	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-32399	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2716	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2726	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20934	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33033	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-11668	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20934	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-11668	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33033	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22555	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3653	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3656	Trust: 0.1
url:	https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce	Trust: 0.1

sources: PACKETSTORM: 163578 // PACKETSTORM: 163583 // PACKETSTORM: 163594 // PACKETSTORM: 163597 // PACKETSTORM: 163602 // PACKETSTORM: 163603 // PACKETSTORM: 163607 // PACKETSTORM: 164155 // CNNVD: CNNVD-202107-1534 // NVD: CVE-2021-33909

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 163578 // PACKETSTORM: 163583 // PACKETSTORM: 163594 // PACKETSTORM: 163602 // PACKETSTORM: 163603 // PACKETSTORM: 163607

SOURCES

db:	VULMON	id:	CVE-2021-33909
db:	PACKETSTORM	id:	163578
db:	PACKETSTORM	id:	163583
db:	PACKETSTORM	id:	163594
db:	PACKETSTORM	id:	163597
db:	PACKETSTORM	id:	163602
db:	PACKETSTORM	id:	163603
db:	PACKETSTORM	id:	163607
db:	PACKETSTORM	id:	164155
db:	CNNVD	id:	CNNVD-202107-1534
db:	NVD	id:	CVE-2021-33909

LAST UPDATE DATE

2025-11-28T03:32:40.235000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2021-33909	date:	2023-11-07T00:00:00
db:	CNNVD	id:	CNNVD-202107-1534	date:	2022-12-12T00:00:00
db:	NVD	id:	CVE-2021-33909	date:	2023-11-07T03:35:56.050

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2021-33909	date:	2021-07-20T00:00:00
db:	PACKETSTORM	id:	163578	date:	2021-07-21T16:02:03
db:	PACKETSTORM	id:	163583	date:	2021-07-21T16:02:44
db:	PACKETSTORM	id:	163594	date:	2021-07-21T16:04:11
db:	PACKETSTORM	id:	163597	date:	2021-07-21T16:04:29
db:	PACKETSTORM	id:	163602	date:	2021-07-21T16:05:06
db:	PACKETSTORM	id:	163603	date:	2021-07-21T16:05:14
db:	PACKETSTORM	id:	163607	date:	2021-07-21T16:05:44
db:	PACKETSTORM	id:	164155	date:	2021-09-14T16:28:49
db:	CNNVD	id:	CNNVD-202107-1534	date:	2021-07-20T00:00:00
db:	NVD	id:	CVE-2021-33909	date:	2021-07-20T19:15:09.747