Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2021-3489

HIGH
Published 2021-06-04T01:40:19.351991Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-3489. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
7.8
/10
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2023.03.01
0.000
probability
of exploitation in the wild

There is a 0.0% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-01-25
Exploit Probability
Percentile: 0.208
Higher than 20.8% of all CVEs

Attack Vector Metrics

Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED

Impact Metrics

Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Description

The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee ("bpf, ringbuf: Deny reserve of buffers larger than ringbuf") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced via 457f44363a88 ("bpf: Implement BPF ring buffer and verifier support for it") (v5.8-rc1).

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Linux kernel

Affected Versions:

trunk linux-5.12.y linux-5.11.y linux-5.10.y v5.8

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-45wv-rq2g-2vvj

Advisory Details

The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee ("bpf, ringbuf: Deny reserve of buffers larger than ringbuf") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced via 457f44363a88 ("bpf: Implement BPF ring buffer and verifier support for it") (v5.8-rc1).

CVSS Scoring

CVSS Score

7.5

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-3489
WEB https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=4b81ccebaeee885ab1aa1438133f2991e3a2b6ea
WEB https://security.netapp.com/advisory/ntap-20210716-0004
WEB https://ubuntu.com/security/notices/USN-4949-1
WEB https://ubuntu.com/security/notices/USN-4950-1
WEB https://www.openwall.com/lists/oss-security/2021/05/11/10
WEB https://www.zerodayinitiative.com/advisories/ZDI-21-590

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: May 24, 2022

References

https://www.openwall.com/lists/oss-security/2021/05/11/10
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=4b81ccebaeee885ab1aa1438133f2991e3a2b6ea
https://www.zerodayinitiative.com/advisories/ZDI-21-590/
https://ubuntu.com/security/notices/USN-4950-1
https://ubuntu.com/security/notices/USN-4949-1
https://security.netapp.com/advisory/ntap-20210716-0004/
Published: 2021-06-04T01:40:19.351991Z
Last Modified: 2024-09-16T20:21:42.116Z
Copied to clipboard!