Showing 1 - 3 of 3

CVE-2021-4001

Status Candidate

Overview

A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. This flaw affects kernel versions prior to 5.16 rc2.

Related Files

Ubuntu Security Notice USN-6417-1: Posted Oct 5, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6417-1 - It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service.; tags | advisory, remote, denial of service, kernel; systems | linux, ubuntu; advisories | CVE-2021-4001, CVE-2023-1206, CVE-2023-3212, CVE-2023-3338, CVE-2023-3863, CVE-2023-4194; SHA-256 | c26238a5fdacf3ea9d3afd0da623a96b6fd205a4238fb6b5c63f66ebabb02fb1; Download | Favorite | View

Ubuntu Security Notice USN-5265-1: Posted Feb 3, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5265-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.; tags | advisory, denial of service, arbitrary, kernel, local; systems | linux, ubuntu; advisories | CVE-2020-27820, CVE-2021-3640, CVE-2021-3752, CVE-2021-3772, CVE-2021-4001, CVE-2021-4090, CVE-2021-4093, CVE-2021-4202, CVE-2021-42327, CVE-2021-42739; SHA-256 | 7e0f9271a061ce26f953885a06bf885e09f3bf96703739534c4177eca1b1fff1; Download | Favorite | View

Ubuntu Security Notice USN-5207-1: Posted Jan 6, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5207-1 - Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps.; tags | advisory, kernel, local; systems | linux, ubuntu; advisories | CVE-2021-4001, CVE-2021-4002, CVE-2021-42739, CVE-2021-43267; SHA-256 | 63504dd3c2b3abff85b5c8960e3f39b8f7a1ce6773225176a4d31ae19837a516; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 287 files
Ubuntu 61 files
Gentoo 32 files
Debian 24 files
Apple 9 files
malvuln 6 files
Google Security Research 5 files
nu11secur1ty 5 files
Jann Horn 5 files
h00die 4 files

File Archives

Systems

AIX (429)
Apple (2,087)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,042)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,646)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,788)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,508)
UNIX (9,402)
UnixWare (187)
Windows (6,660)
Other

CVE-2021-4001

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems