Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2021-4002

UNKNOWN
Published 2022-03-03T21:42:47
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-4002. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-7jmv-5cqq-75jg

Advisory Details

A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-4002
WEB https://bugzilla.redhat.com/show_bug.cgi?id=2025726
WEB https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea
WEB https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890
WEB https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
WEB https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
WEB https://www.debian.org/security/2022/dsa-5096
WEB https://www.openwall.com/lists/oss-security/2021/11/25/1
WEB https://www.oracle.com/security-alerts/cpujul2022.html

Advisory provided by GitHub Security Advisory Database. Published: March 4, 2022, Modified: March 17, 2022

References

https://bugzilla.redhat.com/show_bug.cgi?id=2025726
https://www.openwall.com/lists/oss-security/2021/11/25/1
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://www.debian.org/security/2022/dsa-5096
https://www.oracle.com/security-alerts/cpujul2022.html
Published: 2022-03-03T21:42:47
Last Modified: 2024-08-03T17:16:03.279Z
Copied to clipboard!