Redhat.comRH:CVE-2021-39636CVE-2021-39636
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
4.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
5.1%
A vulnerability was found in the Linux kernel’s net/ipv6/netfilter/ip6_tables.c:copy_entries_to_user function. This flaw allows a local attacker to leak internal kernel information.
Mitigation
To mitigate this issue, prevent the module ip6_tables from being loaded.
Please see <https://access.redhat.com/solutions/41278>
for information on how to blacklist a kernel module to prevent it from loading automatically.
References
android.googlesource.com/kernel/common/+/823f05d71506017aa4d47ae8b9546081686098fe
android.googlesource.com/kernel/common/+/8a1b3c7bd71ef1e7a4537216858dbe7d13eec6ed
android.googlesource.com/kernel/common/+/bb5bc03a5056b4b22f00b7333c42c861b83ef19f
android.googlesource.com/kernel/common/+/d104670ce30b9f910f39fbaad3ec59f87fa43468
android.googlesource.com/kernel/common/+/dcd0c8c3e87cf08344e169fdb94eb7ec96c3c32a
bugzilla.redhat.com/show_bug.cgi?id=2068577
nvd.nist.gov/vuln/detail/CVE-2021-39636
source.android.com/security/bulletin/pixel/2021-12-01
www.cve.org/CVERecord?id=CVE-2021-39636
Related
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
4.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
5.1%