ID

VAR-202201-0496


CVE

CVE-2021-4197


TITLE

Linux Kernel  Authentication vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-019487

DESCRIPTION

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. Linux Kernel There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Linux kernel is the kernel used by the American Linux Foundation's open source operating system Linux. Attackers can use this vulnerability to bypass the restrictions of the Linux kernel through Cgroup Fd Writing to elevate their privileges. ========================================================================== Ubuntu Security Notice USN-5513-1 July 13, 2022 linux-aws vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-aws: Linux kernel for Amazon Web Services (AWS) systems Details: Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609) Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3752) It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-39685) It was discovered that the Ion Memory Manager subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-39714) Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. (CVE-2021-4197) Lin Ma discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4202) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) It was discovered that the PF_KEYv2 implementation in the Linux kernel did not properly initialize kernel memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-1353) It was discovered that the virtual graphics memory manager implementation in the Linux kernel was subject to a race condition, potentially leading to an information leak. (CVE-2022-1419) Minh Yuan discovered that the floppy disk driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1652) It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679) It was discovered that the Marvell NFC device driver implementation in the Linux kernel did not properly perform memory cleanup operations in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system) or execute arbitrary code. (CVE-2022-1734) It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21123) It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21125) It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21166) It was discovered that the USB Gadget file system interface in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-24958) 赵子轩 discovered that the 802.2 LLC type 2 driver in the Linux kernel did not properly perform reference counting in some error conditions. (CVE-2022-28356) It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. (CVE-2022-28388) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: linux-image-4.4.0-1109-aws 4.4.0-1109.115 linux-image-aws 4.4.0.1109.106 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-5513-1 CVE-2021-3609, CVE-2021-3752, CVE-2021-3760, CVE-2021-39685, CVE-2021-39714, CVE-2021-4197, CVE-2021-4202, CVE-2022-0330, CVE-2022-1353, CVE-2022-1419, CVE-2022-1652, CVE-2022-1679, CVE-2022-1734, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-24958, CVE-2022-28356, CVE-2022-28388 . Description: Red Hat Advanced Cluster Management for Kubernetes 2.3.11 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Summary: The Migration Toolkit for Containers (MTC) 1.7.2 is now available. Description: The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Bugs fixed (https://bugzilla.redhat.com/): 2007557 - CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes 2038898 - [UI] ?Update Repository? option not getting disabled after adding the Replication Repository details to the MTC web console 2040693 - ?Replication repository? wizard has no validation for name length 2040695 - [MTC UI] ?Add Cluster? wizard stucks when the cluster name length is more than 63 characters 2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor 2048537 - Exposed route host to image registry? connecting successfully to invalid registry ?xyz.com? 2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak 2055658 - [MTC UI] Cancel button on ?Migrations? page does not disappear when migration gets Failed/Succeeded with warnings 2056962 - [MTC UI] UI shows the wrong migration type info after changing the target namespace 2058172 - [MTC UI] Successful Rollback is not showing the green success icon in the ?Last State? field. 2058529 - [MTC UI] Migrations Plan is missing the type for the state migration performed before upgrade 2061335 - [MTC UI] ?Update cluster? button is not getting disabled 2062266 - MTC UI does not display logs properly [OADP-BL] 2062862 - [MTC UI] Clusters page behaving unexpectedly on deleting the remote cluster?s service account secret from backend 2074675 - HPAs of DeploymentConfigs are not being updated when migration from Openshift 3.x to Openshift 4.x 2076593 - Velero pod log missing from UI drop down 2076599 - Velero pod log missing from downloaded logs folder [OADP-BL] 2078459 - [MTC UI] Storageclass conversion plan is adding migstorage reference in migplan 2079252 - [MTC] Rsync options logs not visible in log-reader pod 2082221 - Don't allow Storage class conversion migration if source cluster has only one storage class defined [UI] 2082225 - non-numeric user when launching stage pods [OADP-BL] 2088022 - Default CPU requests on Velero/Restic are too demanding making scheduling fail in certain environments 2088026 - Cloud propagation phase in migration controller is not doing anything due to missing labels on Velero pods 2089126 - [MTC] Migration controller cannot find Velero Pod because of wrong labels 2089411 - [MTC] Log reader pod is missing velero and restic pod logs [OADP-BL] 2089859 - [Crane] DPA CR is missing the required flag - Migration is getting failed at the EnsureCloudSecretPropagated phase due to the missing secret VolumeMounts 2090317 - [MTC] mig-operator failed to create a DPA CR due to null values are passed instead of int [OADP-BL] 2096939 - Fix legacy operator.yml inconsistencies and errors 2100486 - [MTC UI] Target storage class field is not getting respected when clusters don't have replication repo configured. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: OpenShift Container Platform 4.9.45 bug fix and security update Advisory ID: RHSA-2022:5879-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2022:5879 Issue date: 2022-08-09 CVE Names: CVE-2020-29368 CVE-2021-4197 CVE-2021-4203 CVE-2022-1012 CVE-2022-1729 CVE-2022-2403 CVE-2022-21540 CVE-2022-21541 CVE-2022-32250 CVE-2022-34169 ==================================================================== 1. Summary: Red Hat OpenShift Container Platform release 4.9.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.45. See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHBA-2022:5878 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html Security Fix(es): * openshift: oauth-serving-cert configmap contains cluster certificate private key (CVE-2022-2403) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. You may download the oc tool and use it to inspect release image metadata as follows: (For x86_64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.45-x86_64 The image digest is sha256:8ab373599e8a010dffb9c7ed45e01c00cb06a7857fe21de102d978be4738b2ec (For s390x architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.45-s390x The image digest is sha256:1dde8a7134081c82012a812e014daca4cba1095630e6d0c74b51da141d472984 (For ppc64le architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.45-ppc64le The image digest is sha256:ec1fac628bec05eb6425c2ae9dcd3fca120cd1a8678155350bb4c65813cfc30e All OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html 3. Solution: For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html 4. Bugs fixed (https://bugzilla.redhat.com/): 2009024 - Unable to complete cluster destruction, some ports are left over 2055494 - console operator should report Upgradeable False when SAN-less certs are used 2083554 - post 1.23 rebase: regression in service-load balancer reliability 2087021 - configure-ovs.sh fails, blocking new RHEL node from being scaled up on cluster without manual reboot 2088539 - Openshift route URLs starting with double slashes stopped working after update to 4.8.33 - curl version problems 2091806 - Cluster upgrade stuck due to "resource deletions in progress" 2095320 - [4.9] Bootimage bump tracker 2097157 - [4.9z] During ovnkube-node restart all host conntrack entries are flushed, leading to traffic disruption 2100786 - [OCP 4.9] Ironic cannot match "wwn" rootDeviceHint for a multipath device 2101664 - disabling ipv6 router advertisements using "all" does not disable it on secondary interfaces 2101959 - CVE-2022-2403 openshift: oauth-serving-cert configmap contains cluster certificate private key 2103982 - [4.9] AWS EBS CSI driver stuck removing EBS volumes - GetDeviceMountRefs check failed 2105277 - NetworkPolicies: ovnkube-master pods crashing due to panic: "invalid memory address or nil pointer dereference" 2105453 - Node reboot causes duplicate persistent volumes 2105654 - egressIP panics with nil pointer dereference 2105663 - APIRequestCount does not identify some APIs removed in 4.9 2106655 - Kubelet slowly leaking memory and pods eventually unable to start 2108538 - [4.9.z backport] br-ex not created due to default bond interface having a different mac address than expected 2108619 - ClusterVersion history pruner does not always retain initial completed update entry 5. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYvKietzjgjWX9erEAQjQ7g/+Ok8sWBeaehUxS8YKMtNEdLzO8Eg5TKfA 3MoORr+P+WZIQFy7pN/GeKojlsy1ApnNEnc7j0qC2dibUBfguOWEoAMdds07DwF3 Jw3iANT5sJZv3s4yT9FvYu9Wnwl/iYJ9w8iH19oePFFKg0QtxAWUvSlIvp2eSZ1L yw86wqAzASDqc86Y0fkIvmxopq80lyI//rNqPXsATKq1oGFRstQmfUz+2UxonlMC tVUfRJjlPDZDU57EpBcxWH/TVPV/JdvcQPQEOJ+u+ZVg2H4qEwptqpgjZ4upYbMJ AAIymXUwmX9QHOcXSOiZ+1DZMJawj5ezkqGwQIl919w3bX/m6peQPbBBoYbXLSrS gtRwgshIIZTs6AzOOVm6+XOSKGRR/C9i1YjNUBF6oY4s+wVtYJvtRwdNrKtH7pCT b0FMcLGG0yo/pGuMfB6zmgEn/tEL0IGqoSeN5avb+NObEDYWMGru4sBjdaA66wu4 1JfPAP/yQ7rW0NXleJXjv9Xhdae7b8en9YxlsWLcp/QE8bppT6tjyIW/aVXEZZva /B1ACyosleJYYYYoqqbU97mCaG/LfH/fz7euD9GgJXOCjGNoHAkKe/DOXg7YTSZP aDbtU3ZeESqyRpAJ8nkM4lZLFTxYNmDp+8tWMx6UXQnNRBOMW4bEQRtzTQB+vrWH fzoc8e3L82I=ARFk -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Relevant releases/architectures: Red Hat Enterprise Linux Real Time EUS (v.8.4) - x86_64 Red Hat Enterprise Linux Real Time for NFV EUS (v.8.4) - x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012) * kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729) * kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250) * kernel: cgroup: Use open-time creds and namespace for migration perm checks (CVE-2021-4197) * kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203) * kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check (CVE-2020-29368) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the RHEL-8.4.z10 source tree (BZ#2087922) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Bugs fixed (https://bugzilla.redhat.com/): 1903244 - CVE-2020-29368 kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check 2035652 - CVE-2021-4197 kernel: cgroup: Use open-time creds and namespace for migration perm checks 2036934 - CVE-2021-4203 kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses 2064604 - CVE-2022-1012 kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak 2086753 - CVE-2022-1729 kernel: race condition in perf_event_open leads to privilege escalation 2092427 - CVE-2022-32250 kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root 6. Package List: Red Hat Enterprise Linux Real Time for NFV EUS (v.8.4): Source: kernel-rt-4.18.0-305.57.1.rt7.129.el8_4.src.rpm x86_64: kernel-rt-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-core-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debug-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debug-core-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debug-debuginfo-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debug-devel-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debug-kvm-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debug-modules-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debug-modules-extra-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debuginfo-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debuginfo-common-x86_64-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-devel-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-kvm-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-modules-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-modules-extra-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm Red Hat Enterprise Linux Real Time EUS (v.8.4): Source: kernel-rt-4.18.0-305.57.1.rt7.129.el8_4.src.rpm x86_64: kernel-rt-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-core-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debug-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debug-core-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debug-debuginfo-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debug-devel-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debug-modules-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debug-modules-extra-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debuginfo-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-debuginfo-common-x86_64-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-devel-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-modules-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm kernel-rt-modules-extra-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7

Trust: 2.25

sources: NVD: CVE-2021-4197 // JVNDB: JVNDB-2021-019487 // VULHUB: VHN-410862 // PACKETSTORM: 167746 // PACKETSTORM: 167622 // PACKETSTORM: 167679 // PACKETSTORM: 168019 // PACKETSTORM: 167822 // PACKETSTORM: 167694

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:ltversion:5.15.14

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.15

Trust: 1.0

vendor:netappmodel:h410cscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.4.189

Trust: 1.0

vendor:netappmodel:h300sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h410sscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.11

Trust: 1.0

vendor:netappmodel:h500sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h700sscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.20

Trust: 1.0

vendor:oraclemodel:communications cloud native core binding support functionscope:eqversion:22.1.1

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.14.276

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.5

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.2

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.10.111

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.19.238

Trust: 1.0

vendor:oraclemodel:communications cloud native core binding support functionscope:eqversion:22.2.0

Trust: 1.0

vendor:oraclemodel:communications cloud native core binding support functionscope:eqversion:22.1.3

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:broadcommodel:brocade fabric operating systemscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h300sscope: - version: -

Trust: 0.8

vendor:netappmodel:h410sscope: - version: -

Trust: 0.8

vendor:netappmodel:h700sscope: - version: -

Trust: 0.8

vendor:netappmodel:h410cscope: - version: -

Trust: 0.8

vendor:netappmodel:h500sscope: - version: -

Trust: 0.8

vendor:linuxmodel:kernelscope: - version: -

Trust: 0.8

vendor:オラクルmodel:oracle communications cloud native core binding support functionscope: - version: -

Trust: 0.8

vendor:broadcommodel:brocade fabric osscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-019487 // NVD: CVE-2021-4197

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-4197
value: HIGH

Trust: 1.0

NVD: CVE-2021-4197
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202201-1396
value: HIGH

Trust: 0.6

VULHUB: VHN-410862
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-4197
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-410862
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-4197
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-4197
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-410862 // JVNDB: JVNDB-2021-019487 // CNNVD: CNNVD-202201-1396 // NVD: CVE-2021-4197

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.1

problemtype:Inappropriate authentication (CWE-287) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-410862 // JVNDB: JVNDB-2021-019487 // NVD: CVE-2021-4197

THREAT TYPE

local

Trust: 0.8

sources: PACKETSTORM: 167746 // PACKETSTORM: 167694 // CNNVD: CNNVD-202201-1396

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202201-1396

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-410862

PATCH

title:NTAP-20220602-0006 Oracle Oracle Critical Patch Updateurl:https://www.broadcom.com/

Trust: 0.8

title:Linux kernel Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=178248

Trust: 0.6

sources: JVNDB: JVNDB-2021-019487 // CNNVD: CNNVD-202201-1396

EXTERNAL IDS

db:NVDid:CVE-2021-4197

Trust: 3.9

db:PACKETSTORMid:167694

Trust: 0.8

db:PACKETSTORMid:167746

Trust: 0.8

db:PACKETSTORMid:168019

Trust: 0.8

db:JVNDBid:JVNDB-2021-019487

Trust: 0.8

db:PACKETSTORMid:167443

Trust: 0.7

db:PACKETSTORMid:168136

Trust: 0.7

db:PACKETSTORMid:166392

Trust: 0.7

db:PACKETSTORMid:167097

Trust: 0.7

db:PACKETSTORMid:167952

Trust: 0.7

db:PACKETSTORMid:167886

Trust: 0.7

db:PACKETSTORMid:167714

Trust: 0.7

db:PACKETSTORMid:167852

Trust: 0.7

db:CNNVDid:CNNVD-202201-1396

Trust: 0.7

db:AUSCERTid:ESB-2022.3136

Trust: 0.6

db:AUSCERTid:ESB-2022.3918

Trust: 0.6

db:AUSCERTid:ESB-2022.3738

Trust: 0.6

db:AUSCERTid:ESB-2022.2841

Trust: 0.6

db:AUSCERTid:ESB-2022.0615

Trust: 0.6

db:AUSCERTid:ESB-2022.3435

Trust: 0.6

db:AUSCERTid:ESB-2022.2855

Trust: 0.6

db:AUSCERTid:ESB-2022.0629

Trust: 0.6

db:AUSCERTid:ESB-2022.0380

Trust: 0.6

db:AUSCERTid:ESB-2022.3236

Trust: 0.6

db:AUSCERTid:ESB-2022.0800

Trust: 0.6

db:AUSCERTid:ESB-2022.2014

Trust: 0.6

db:AUSCERTid:ESB-2022.3312

Trust: 0.6

db:AUSCERTid:ESB-2022.1237

Trust: 0.6

db:AUSCERTid:ESB-2022.0612

Trust: 0.6

db:AUSCERTid:ESB-2022.4150

Trust: 0.6

db:AUSCERTid:ESB-2022.3243

Trust: 0.6

db:CS-HELPid:SB2022070643

Trust: 0.6

db:CS-HELPid:SB2022062931

Trust: 0.6

db:CS-HELPid:SB2022071352

Trust: 0.6

db:CS-HELPid:SB2022071354

Trust: 0.6

db:CS-HELPid:SB2022070743

Trust: 0.6

db:CS-HELPid:SB2022070221

Trust: 0.6

db:CS-HELPid:SB2022060828

Trust: 0.6

db:CS-HELPid:SB2022031105

Trust: 0.6

db:CS-HELPid:SB2022072071

Trust: 0.6

db:PACKETSTORMid:166636

Trust: 0.6

db:PACKETSTORMid:167822

Trust: 0.2

db:PACKETSTORMid:167748

Trust: 0.1

db:PACKETSTORMid:167072

Trust: 0.1

db:CNVDid:CNVD-2022-68560

Trust: 0.1

db:VULHUBid:VHN-410862

Trust: 0.1

db:PACKETSTORMid:167622

Trust: 0.1

db:PACKETSTORMid:167679

Trust: 0.1

sources: VULHUB: VHN-410862 // JVNDB: JVNDB-2021-019487 // PACKETSTORM: 167746 // PACKETSTORM: 167622 // PACKETSTORM: 167679 // PACKETSTORM: 168019 // PACKETSTORM: 167822 // PACKETSTORM: 167694 // CNNVD: CNNVD-202201-1396 // NVD: CVE-2021-4197

REFERENCES

url:https://www.debian.org/security/2022/dsa-5127

Trust: 2.5

url:https://www.debian.org/security/2022/dsa-5173

Trust: 2.5

url:https://bugzilla.redhat.com/show_bug.cgi?id=2035652

Trust: 2.5

url:https://security.netapp.com/advisory/ntap-20220602-0006/

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpujul2022.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-4197

Trust: 1.2

url:https://lore.kernel.org/lkml/20211209214707.805617-1-tj%40kernel.org/t/

Trust: 1.0

url:https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/t/

Trust: 0.7

url:https://packetstormsecurity.com/files/168019/red-hat-security-advisory-2022-5879-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3738

Trust: 0.6

url:https://packetstormsecurity.com/files/167852/red-hat-security-advisory-2022-5626-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022060828

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3918

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0380

Trust: 0.6

url:https://packetstormsecurity.com/files/167886/ubuntu-security-notice-usn-5541-1.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022072071

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022062931

Trust: 0.6

url:https://packetstormsecurity.com/files/166392/ubuntu-security-notice-usn-5337-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4150

Trust: 0.6

url:https://packetstormsecurity.com/files/167443/ubuntu-security-notice-usn-5467-1.html

Trust: 0.6

url:https://packetstormsecurity.com/files/167714/ubuntu-security-notice-usn-5505-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3243

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0615

Trust: 0.6

url:https://packetstormsecurity.com/files/167694/ubuntu-security-notice-usn-5500-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2014

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022070643

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0612

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022070743

Trust: 0.6

url:https://packetstormsecurity.com/files/166636/ubuntu-security-notice-usn-5368-1.html

Trust: 0.6

url:https://packetstormsecurity.com/files/167097/red-hat-security-advisory-2022-1988-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022070221

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022071354

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2855

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022071352

Trust: 0.6

url:https://packetstormsecurity.com/files/167952/red-hat-security-advisory-2022-5730-01.html

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2021-4197/

Trust: 0.6

url:https://packetstormsecurity.com/files/167746/ubuntu-security-notice-usn-5513-1.html

Trust: 0.6

url:https://packetstormsecurity.com/files/168136/red-hat-security-advisory-2022-6053-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0629

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022031105

Trust: 0.6

url:https://vigilance.fr/vulnerability/linux-kernel-privilege-escalation-via-cgroup-fd-writing-37262

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0800

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3136

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3312

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3236

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2841

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3435

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.1237

Trust: 0.6

url:https://access.redhat.com/security/team/contact/

Trust: 0.4

url:https://bugzilla.redhat.com/):

Trust: 0.4

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2021-4197

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2021-4203

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-1679

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1419

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1652

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1734

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-4202

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1353

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3752

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-4157

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3744

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0235

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-13974

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-41617

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-45485

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3773

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-4002

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-29154

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-43976

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-0941

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-43389

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-3634

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-27820

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-4189

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-44733

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0536

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-1271

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-21781

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3634

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-4037

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-29154

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-37159

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-4788

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3772

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-0404

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3669

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3764

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20322

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-43056

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-3612

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-41864

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-25032

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-0941

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3612

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-26401

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-27820

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3743

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3737

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-1011

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-13974

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-20322

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-4083

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-45486

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0322

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-4788

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-26401

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0286

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0001

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3759

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-21781

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-0002

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-25032

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-42739

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-0404

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-1729

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-32250

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-4203

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1729

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2022-1012

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-29368

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1012

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-32250

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-29368

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-3752

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3760

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-39714

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0330

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-21123

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-39685

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3609

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-5513-1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3669

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1708

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3696

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-38185

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-28733

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-0492

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-21803

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-29526

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-28736

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3697

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-28734

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-25219

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-28737

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-25219

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3695

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-28735

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-24785

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-23806

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:5392

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-29810

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/index

Trust: 0.1

url:https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-19131

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3807

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-1154

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-35492

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-26691

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:5483

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-19131

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-23852

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35492

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-34169

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-21540

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-21540

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-21541

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-34169

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-21541

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2403

Trust: 0.1

url:https://access.redhat.com/errata/rhba-2022:5878

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2022-2403

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:5879

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:5633

Trust: 0.1

url:https://access.redhat.com/articles/11258

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-28356

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-5500-1

Trust: 0.1

sources: VULHUB: VHN-410862 // JVNDB: JVNDB-2021-019487 // PACKETSTORM: 167746 // PACKETSTORM: 167622 // PACKETSTORM: 167679 // PACKETSTORM: 168019 // PACKETSTORM: 167822 // PACKETSTORM: 167694 // CNNVD: CNNVD-202201-1396 // NVD: CVE-2021-4197

CREDITS

Red Hat

Trust: 0.4

sources: PACKETSTORM: 167622 // PACKETSTORM: 167679 // PACKETSTORM: 168019 // PACKETSTORM: 167822

SOURCES

db:VULHUBid:VHN-410862
db:JVNDBid:JVNDB-2021-019487
db:PACKETSTORMid:167746
db:PACKETSTORMid:167622
db:PACKETSTORMid:167679
db:PACKETSTORMid:168019
db:PACKETSTORMid:167822
db:PACKETSTORMid:167694
db:CNNVDid:CNNVD-202201-1396
db:NVDid:CVE-2021-4197

LAST UPDATE DATE

2024-11-20T20:19:52.087000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-410862date:2023-02-03T00:00:00
db:JVNDBid:JVNDB-2021-019487date:2023-08-02T06:47:00
db:CNNVDid:CNNVD-202201-1396date:2022-08-24T00:00:00
db:NVDid:CVE-2021-4197date:2023-11-07T03:40:21.077

SOURCES RELEASE DATE

db:VULHUBid:VHN-410862date:2022-03-23T00:00:00
db:JVNDBid:JVNDB-2021-019487date:2023-08-02T00:00:00
db:PACKETSTORMid:167746date:2022-07-14T14:32:14
db:PACKETSTORMid:167622date:2022-06-29T20:27:02
db:PACKETSTORMid:167679date:2022-07-01T15:04:32
db:PACKETSTORMid:168019date:2022-08-10T15:50:18
db:PACKETSTORMid:167822date:2022-07-27T17:20:56
db:PACKETSTORMid:167694date:2022-07-04T14:32:13
db:CNNVDid:CNNVD-202201-1396date:2022-01-17T00:00:00
db:NVDid:CVE-2021-4197date:2022-03-23T20:15:10.200