Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-5117-1
HistoryOct 20, 2021 - 12:00 a.m.

Linux kernel (OEM) vulnerabilities

2021-10-2000:00:00
ubuntu.com
110
ubuntu 20.04 lts
btrfs
qualcomm ipc router
vt device
memory exhaustion
cap_sys_admin
denial of service
system crash
sensitive information
ioctl handling
race condition
memory usage
ipc objects
linux kernel

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

24.2%

JSON

Releases

  • Ubuntu 20.04 LTS

Packages

  • linux-oem-5.13 - Linux kernel for OEM systems

Details

It was discovered that the btrfs file system in the Linux kernel did not
properly handle removing a non-existent device id. An attacker with
CAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739)

It was discovered that the Qualcomm IPC Router protocol implementation in
the Linux kernel did not properly validate metadata in some situations. A
local attacker could use this to cause a denial of service (system crash)
or expose sensitive information. (CVE-2021-3743)

It was discovered that the virtual terminal (vt) device implementation in
the Linux kernel contained a race condition in its ioctl handling that led
to an out-of-bounds read vulnerability. A local attacker could possibly use
this to expose sensitive information. (CVE-2021-3753)

It was discovered that the Linux kernel did not properly account for the
memory usage of certain IPC objects. A local attacker could use this to
cause a denial of service (memory exhaustion). (CVE-2021-3759)

Related

openvas 42
nessus 66
osv 16
mageia 2
cloudfoundry 2
ubuntu 8
prion 4
ubuntucve 4
veracode 4
ibm 3
nvd 4
cvelist 4
cbl_mariner 3
cve 4
redhatcve 4
debiancve 4
oraclelinux 6
cnvd 1
suse 5
photon 4
debian 3
amazon 2
rocky 2
almalinux 1
redhat 1
openvas
openvas
Ubuntu: Security Advisory (USN-5117-1)
2021-10-21 00:00:00
Mageia: Security Advisory (MGASA-2021-0419)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2021-0418)
2022-01-28 00:00:00
nessus
nessus
Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5117-1)
2021-10-20 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5137-2)
2021-11-11 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5137-1)
2021-11-09 00:00:00
osv
osv
linux-oem-5.13 vulnerabilities
2021-10-20 18:46:21
linux-bluefield, linux-gke-5.4, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
2021-11-11 06:21:50
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-kvm vulnerabilities
2021-11-09 03:49:47
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2021-09-08 12:23:46
Updated kernel packages fix security vulnerabilities
2021-09-08 12:23:46
cloudfoundry
cloudfoundry
USN-5137-1: Linux kernel vulnerabilities | Cloud Foundry
2022-01-20 00:00:00
USN-5136-1: Linux kernel vulnerabilities | Cloud Foundry
2022-01-20 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2021-11-11 00:00:00
Linux kernel vulnerabilities
2021-11-09 00:00:00
Linux kernel vulnerabilities
2021-10-19 00:00:00
prion
prion
Out-of-bounds
2022-02-16 19:15:00
Design/Logic Flaw
2022-08-23 16:15:00
Null pointer dereference
2022-03-10 17:43:00
ubuntucve
ubuntucve
CVE-2021-3753
2021-09-02 00:00:00
CVE-2021-3759
2021-09-02 00:00:00
CVE-2021-3739
2021-08-27 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-03-06 20:41:33
Denial Of Service (DoS)
2021-10-25 17:58:44
Denial Of Service (DoS)
2021-11-09 15:00:29
ibm
ibm
Security Bulletin: Linux Kernel vulnerability may affect IBM Elastic Storage System (CVE-2021-3759)
2022-12-12 09:49:53
Security Bulletin: Vulnerabilities in Linux Kernel and OpenSSL may affect IBM Spectrum Copy Data Management
2022-09-17 01:21:23
Security Bulletin: Vulnerabilities in Linux Kernel, OpenSSL, Golang Go, and Zlib may affect IBM Spectrum Protect Plus
2022-09-17 06:09:13
nvd
nvd
CVE-2021-3759
2022-08-23 16:15:09
CVE-2021-3753
2022-02-16 19:15:08
CVE-2021-3739
2022-03-10 17:43:01
cvelist
cvelist
CVE-2021-3759
2022-08-23 00:00:00
CVE-2021-3753
2022-02-16 00:00:00
CVE-2021-3739
2022-03-07 15:19:47
cbl_mariner
cbl_mariner
CVE-2021-3753 affecting package kernel 5.10.189.1-1
2022-03-10 23:47:45
CVE-2021-3739 affecting package kernel 5.10.189.1-1
2022-04-07 06:04:22
CVE-2021-3743 affecting package kernel for versions less than 5.15.26.1-2
2022-04-09 06:52:47
cve
cve
CVE-2021-3753
2022-02-16 19:15:08
CVE-2021-3739
2022-03-10 17:43:01
CVE-2021-3759
2022-08-23 16:15:09
redhatcve
redhatcve
CVE-2021-3739
2021-08-26 08:25:47
CVE-2021-3753
2021-09-13 19:17:15
CVE-2021-3759
2021-09-01 05:25:19
debiancve
debiancve
CVE-2021-3753
2022-02-16 19:15:08
CVE-2021-3739
2022-03-10 17:43:01
CVE-2021-3759
2022-08-23 16:15:09
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2021-09-22 00:00:00
Unbreakable Enterprise kernel-container security update
2021-10-11 00:00:00
Unbreakable Enterprise kernel security update
2021-10-11 00:00:00
cnvd
cnvd
Linux kernel has unspecified vulnerabilities (CNVD-2021-70093)
2021-08-31 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2021-09-15 00:00:00
Security update for the Linux Kernel (important)
2021-09-21 00:00:00
Security update for the Linux Kernel (important)
2021-09-23 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2023-3.0-0623
2023-07-30 00:00:00
Important Photon OS Security Update - PHSA-2022-0299
2022-12-15 00:00:00
Important Photon OS Security Update - PHSA-2021-3.0-0316
2021-10-19 00:00:00
debian
debian
[SECURITY] [DSA 4978-1] linux security update
2021-09-25 08:09:05
[SECURITY] [DSA 4978-1] linux security update
2021-09-25 08:09:05
[SECURITY] [DLA 2785-1] linux-4.19 security update
2021-10-15 21:50:44
amazon
amazon
Medium: kernel
2021-09-08 23:35:00
Important: kernel
2021-09-30 19:25:00
rocky
rocky
kernel-rt security and bug fix update
2022-05-10 06:42:36
kernel security, bug fix, and enhancement update
2022-05-10 08:11:36
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2022-05-10 08:11:36
redhat
redhat
(RHSA-2022:1975) Important: kernel-rt security and bug fix update
2022-05-10 06:42:36

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

24.2%

JSON
Related for USN-5117-1
openvas42nessus66osv16mageia2cloudfoundry2ubuntu8prion4ubuntucve4veracode4ibm3nvd4cvelist4cbl_mariner3cve4redhatcve4debiancve4oraclelinux6cnvd1suse5photon4debian3amazon2rocky2almalinux1redhat1