CVE-2021-4001

Advisory lineage Upstream: 0 Downstream: 17

Downstream

DEBIAN-CVE-2021-4001 MGASA-2021-0538 MGASA-2021-0539 OPENSUSE-SU-2022:0056-1 OPENSUSE-SU-2022:0131-1 SUSE-SU-2022:0056-1

Modified

Published: 21 Jan 2022, 00:00

Last modified:03 Aug 2024, 17:16

Vulnerability Summary

Overall Risk (default)

low

19/100

CVSS Score

4.7 MEDIUM

v2.0 (nvd)

EPSS Score

0.02% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

21 Jan 2022, 00:00

Published

Vulnerability first disclosed

03 Aug 2024, 17:16

Last Modified

Vulnerability information updated

Description

A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. This flaw affects kernel versions prior to 5.16 rc2.

CVSS Metrics

v3.1•MEDIUM•Score: 4.1CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
v2.0•MEDIUM•Score: 4.7AV:L/AC:M/Au:N/C:N/I:C/A:N

EPSS Trends

Current EPSS score: 0.02%• Percentile: 4%

Techniques & Countermeasures

CWE-367•Time-of-check Time-of-use (TOCTOU) Race Condition
The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

Affected Systems

linux•linux_kernel
≤ 5.15 | 5.16:rc1