Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-4028

Опубликовано: 24 авг. 2022
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.10 (включая) до 5.10.71 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.11 (включая) до 5.14.10 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:suse:linux_enterprise:15.0:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise:15.0:sp4:*:*:*:*:*:*

EPSS

Процентиль: 7%
0.00029
Низкий

7.8 High

CVSS3

Дефекты

CWE-416
CWE-416

Связанные уязвимости

ubuntu логотип

CVE-2021-4028

CVSS3: 7.8
ubuntu
почти 3 года назад

A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.

redhat логотип

CVE-2021-4028

CVSS3: 7
redhat
больше 3 лет назад

A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.

debian логотип

CVE-2021-4028

CVSS3: 7.8
debian
почти 3 года назад

A flaw in the Linux kernel's implementation of RDMA communications man ...

github логотип

GHSA-qfcc-9m6r-r23m

CVSS3: 7.8
github
почти 3 года назад

A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.

fstec логотип

BDU:2022-00733

CVSS3: 7
fstec
больше 3 лет назад

Уязвимость менеджера соединений RDMA ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 7%
0.00029
Низкий

7.8 High

CVSS3

Дефекты

CWE-416
CWE-416