2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2021-4154" ,
"sourceIdentifier" : "secalert@redhat.com" ,
"published" : "2022-02-04T23:15:12.307" ,
"lastModified" : "2023-01-19T15:53:48.070" ,
"vulnStatus" : "Analyzed" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system."
} ,
{
"lang" : "es" ,
"value" : "Se encontr\u00f3 un defecto de uso de memoria previamente liberada en la funci\u00f3n cgroup1_parse_param en el archivo kernel/cgroup/cgroup-v1.c en el analizador cgroup v1 del kernel de Linux. Un atacante local con un privilegio de usuario podr\u00eda causar una escalada de privilegios al explotar el par\u00e1metro de syscall fsconfig, conllevando a una ruptura del contenedor y una denegaci\u00f3n de servicio en el sistema"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" ,
"attackVector" : "LOCAL" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "CHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
"availabilityImpact" : "HIGH" ,
"baseScore" : 8.8 ,
"baseSeverity" : "HIGH"
} ,
"exploitabilityScore" : 2.0 ,
"impactScore" : 6.0
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C" ,
"accessVector" : "LOCAL" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "COMPLETE" ,
"integrityImpact" : "COMPLETE" ,
"availabilityImpact" : "COMPLETE" ,
"baseScore" : 7.2
} ,
"baseSeverity" : "HIGH" ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 10.0 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-416"
}
]
} ,
{
"source" : "secalert@redhat.com" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-416"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "5.1" ,
"versionEndExcluding" : "5.4.134" ,
"matchCriteriaId" : "8B1595BC-C3BF-4F3C-8BF3-3CF85D767DBB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "5.5" ,
"versionEndExcluding" : "5.10.52" ,
"matchCriteriaId" : "7C1E6FB6-53C8-4DC4-8AE5-93094BA39F62"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "5.11" ,
"versionEndExcluding" : "5.12.19" ,
"matchCriteriaId" : "34C1A2F4-DD44-4CF1-8FD4-751A0D746A9E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "5.13" ,
"versionEndExcluding" : "5.13.4" ,
"matchCriteriaId" : "F93FA3CC-0C79-410B-A7D7-245C2AA0723A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:5.14:rc1:*:*:*:*:*:*" ,
"matchCriteriaId" : "71268287-21A8-4488-AA4F-23C473153131"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*" ,
"matchCriteriaId" : "053C1B35-3869-41C2-9551-044182DE0A64"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300e:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "50E61C0A-01CA-4031-B4E0-D814E1D9CFCC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "27227B35-932A-4035-B39F-6A455753C0D6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A4AD592C-222D-4C6F-B176-8145A1A5AFEC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500e:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8173DC0C-B9BB-4055-95B6-45EB08A3D923"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8603654B-A8A9-4DEB-B0DD-C82E1C885749"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700e:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "14BCD5F2-E3FD-4877-8C93-5EF96008A287"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C855C933-F271-45E6-8E85-8D7CF2EF1BE6"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2034514" ,
"source" : "secalert@redhat.com" ,
"tags" : [
"Issue Tracking" ,
"Patch" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002" ,
"source" : "secalert@redhat.com" ,
"tags" : [
"Third Party Advisory"
]
} ,
{
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b" ,
"source" : "secalert@redhat.com" ,
"tags" : [
"Mailing List" ,
"Patch" ,
"Vendor Advisory"
]
} ,
{
"url" : "https://security.netapp.com/advisory/ntap-20220225-0004/" ,
"source" : "secalert@redhat.com" ,
"tags" : [
"Third Party Advisory"
]
}
]
}
