CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
5.2%
A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support.
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
netapp | aff_baseboard_management_controller | - | cpe:2.3:a:netapp:aff_baseboard_management_controller:-:*:*:*:*:*:*:* |
netapp | cloud_backup | - | cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* |
netapp | fas_baseboard_management_controller | - | cpe:2.3:a:netapp:fas_baseboard_management_controller:-:*:*:*:*:*:*:* |
netapp | solidfire_\&_hci_management_node | - | cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:* |
netapp | solidfire_baseboard_management_controller | - | cpe:2.3:a:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:* |
netapp | 500f | - | cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:* |
netapp | baseboard_management_controller_500f_firmware | * | cpe:2.3:o:netapp:baseboard_management_controller_500f_firmware:*:*:*:*:*:*:*:* |
netapp | a250 | - | cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:* |
netapp | baseboard_management_controller_a250_firmware | * | cpe:2.3:o:netapp:baseboard_management_controller_a250_firmware:*:*:*:*:*:*:*:* |
www.openwall.com/lists/oss-security/2021/02/05/6
www.openwall.com/lists/oss-security/2021/04/09/2
www.openwall.com/lists/oss-security/2022/01/25/14
cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.13
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c518adafa39f37858697ac9309c6cf1805581446
security.netapp.com/advisory/ntap-20210312-0008/
www.openwall.com/lists/oss-security/2021/02/04/5
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
5.2%