8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
65.8%
Issue Overview:
A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat. (CVE-2020-27825)
A flaw was found in the Linux kernel’s implementation of the Linux SCSI target host, where an authenticated attacker could write to any block on the exported SCSI device backing store. This flaw allows an authenticated attacker to send LIO block requests to the Linux system to overwrite data on the backing store. The highest threat from this vulnerability is to integrity. In addition, this flaw affects the tcmu-runner package, where the affected SCSI command is called. (CVE-2020-28374)
DISPUTED fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior. (CVE-2021-3178)
A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allowing a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3347)
nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71. (CVE-2021-3348)
Affected Packages:
kernel
Issue Correction:
Run yum update kernel to update your system.
New Packages:
i686:
kernel-4.14.219-119.340.amzn1.i686
kernel-tools-4.14.219-119.340.amzn1.i686
kernel-tools-devel-4.14.219-119.340.amzn1.i686
perf-4.14.219-119.340.amzn1.i686
perf-debuginfo-4.14.219-119.340.amzn1.i686
kernel-debuginfo-common-i686-4.14.219-119.340.amzn1.i686
kernel-headers-4.14.219-119.340.amzn1.i686
kernel-devel-4.14.219-119.340.amzn1.i686
kernel-debuginfo-4.14.219-119.340.amzn1.i686
kernel-tools-debuginfo-4.14.219-119.340.amzn1.i686
src:
kernel-4.14.219-119.340.amzn1.src
x86_64:
kernel-headers-4.14.219-119.340.amzn1.x86_64
kernel-4.14.219-119.340.amzn1.x86_64
kernel-debuginfo-common-x86_64-4.14.219-119.340.amzn1.x86_64
kernel-tools-devel-4.14.219-119.340.amzn1.x86_64
kernel-tools-4.14.219-119.340.amzn1.x86_64
perf-4.14.219-119.340.amzn1.x86_64
kernel-devel-4.14.219-119.340.amzn1.x86_64
kernel-tools-debuginfo-4.14.219-119.340.amzn1.x86_64
perf-debuginfo-4.14.219-119.340.amzn1.x86_64
kernel-debuginfo-4.14.219-119.340.amzn1.x86_64
Red Hat: CVE-2020-27825, CVE-2020-28374, CVE-2021-3178, CVE-2021-3347, CVE-2021-3348, CVE-2021-39648
Mitre: CVE-2020-27825, CVE-2020-28374, CVE-2021-3178, CVE-2021-3347, CVE-2021-3348, CVE-2021-39648
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
65.8%