CVE-2021-27364

Опубликовано: 07 мар. 2021

Источник: nvd

CVSS3: 7.1

CVSS2: 3.6

EPSS Низкий

Описание

An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.

Ссылки

http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html
Third Party Advisory
VDB Entry
https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html
Exploit
Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1182717
Issue Tracking
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa
Mailing List
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html
Mailing List
Third Party Advisory
https://security.netapp.com/advisory/ntap-20210409-0001/
Third Party Advisory
https://www.openwall.com/lists/oss-security/2021/03/06/1
Mailing List
Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html
Patch
Third Party Advisory
http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html
Third Party Advisory
VDB Entry
https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html
Exploit
Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1182717
Issue Tracking
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa
Mailing List
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html
Mailing List
Third Party Advisory
https://security.netapp.com/advisory/ntap-20210409-0001/
Third Party Advisory
https://www.openwall.com/lists/oss-security/2021/03/06/1
Mailing List
Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 5.11.3 (включая)

Конфигурация 2

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*

Конфигурация 4

cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*

Версия от 7.4.0 (включая) до 7.7.1 (включая)

Конфигурация 5

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

EPSS

Процентиль: 12%

0.00041

Низкий

7.1 High

CVSS3

3.6 Low

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2021-27364

CVSS3: 7.1

ubuntu

больше 4 лет назад

An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.

CVE-2021-27364

CVSS3: 7.1

redhat

больше 4 лет назад

An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.

CVE-2021-27364

CVSS3: 7.1

msrc

больше 4 лет назад

Описание отсутствует

CVE-2021-27364

CVSS3: 7.1

debian

больше 4 лет назад

An issue was discovered in the Linux kernel through 5.11.3. drivers/sc ...

GHSA-qh7p-rxx9-vwx2

github

около 3 лет назад

An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.

EPSS

Процентиль: 12%

0.00041

Низкий

7.1 High

CVSS3

3.6 Low

CVSS2

Дефекты

CWE-125