Showing 1 - 3 of 3

CVE-2021-4001

Status Candidate

Overview

A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. This flaw affects kernel versions prior to 5.16 rc2.

Related Files

Ubuntu Security Notice USN-6417-1: Posted Oct 5, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6417-1 - It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service.; tags | advisory, remote, denial of service, kernel; systems | linux, ubuntu; advisories | CVE-2021-4001, CVE-2023-1206, CVE-2023-3212, CVE-2023-3338, CVE-2023-3863, CVE-2023-4194; SHA-256 | c26238a5fdacf3ea9d3afd0da623a96b6fd205a4238fb6b5c63f66ebabb02fb1; Download | Favorite | View

Ubuntu Security Notice USN-5265-1: Posted Feb 3, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5265-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.; tags | advisory, denial of service, arbitrary, kernel, local; systems | linux, ubuntu; advisories | CVE-2020-27820, CVE-2021-3640, CVE-2021-3752, CVE-2021-3772, CVE-2021-4001, CVE-2021-4090, CVE-2021-4093, CVE-2021-4202, CVE-2021-42327, CVE-2021-42739; SHA-256 | 7e0f9271a061ce26f953885a06bf885e09f3bf96703739534c4177eca1b1fff1; Download | Favorite | View

Ubuntu Security Notice USN-5207-1: Posted Jan 6, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5207-1 - Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps.; tags | advisory, kernel, local; systems | linux, ubuntu; advisories | CVE-2021-4001, CVE-2021-4002, CVE-2021-42739, CVE-2021-43267; SHA-256 | 63504dd3c2b3abff85b5c8960e3f39b8f7a1ce6773225176a4d31ae19837a516; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 217 files
indoushka 135 files
Ubuntu 92 files
Gentoo 33 files
Debian 27 files
Jasper Nota 25 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Google Security Research 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,110)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,913)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,631)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,781)
UNIX (9,441)
UnixWare (187)
Windows (6,676)
Other

CVE-2021-4001

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems