Lucene search

CVE-2021-3491

🗓️ 04 Jun 2021 02:07:15Reported by canonicalType

cve🔗 web.nvd.nist.gov📰️ 6 Media mentions👁 288 Views

The io_uring subsystem in the Linux kernel allowed bypassing of MAX_RW_COUNT limit in PROVIDE_BUFFERS operation, leading to heap overflow and arbitrary code execution

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 92
Cvelist	CVE-2021-3491 Linux kernel io_uring PROVIDE_BUFFERS MAX_RW_COUNT bypass	4 Jun 202101:40	–	cvelist
F5 Networks	K84602160 : Linux kernel vulnerability CVE-2021-3491	13 Oct 202200:00	–	f5
OSV	PUB-A-190877100	1 Sep 202100:00	–	osv
OSV	CVE-2021-3491	4 Jun 202102:15	–	osv
OSV	MGASA-2021-0215 Updated kernel-linus packages fix security vulnerabilities	19 May 202119:29	–	osv
OSV	MGASA-2021-0214 Updated kernel packages fix security vulnerabilities	19 May 202119:29	–	osv
OSV	linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi vulnerabilities	11 May 202122:37	–	osv
OSV	SUSE-SU-2021:1890-1 Security update for the Linux Kernel	8 Jun 202113:08	–	osv
OSV	SUSE-SU-2021:1888-1 Security update for the Linux Kernel	8 Jun 202113:07	–	osv
OSV	SUSE-SU-2021:1913-1 Security update for the Linux Kernel	9 Jun 202111:55	–	osv

Nvd

Node

linux linux_kernelRange5.7–5.10.37

linux linux_kernelRange5.11–5.11.21

linux linux_kernelRange5.12–5.12.4

Node

canonical ubuntu_linuxMatch20.04lts

canonical ubuntu_linuxMatch20.10

canonical ubuntu_linuxMatch21.04

[
  {
    "product": "Linux kernel",
    "vendor": "Linux",
    "versions": [
      {
        "lessThan": "v5.13-rc4",
        "status": "affected",
        "version": "trunk",
        "versionType": "custom"
      },
      {
        "lessThan": "v5.12.4",
        "status": "affected",
        "version": "linux-5.12.y",
        "versionType": "custom"
      },
      {
        "lessThan": "v5.11.21",
        "status": "affected",
        "version": "linux-5.11.y",
        "versionType": "custom"
      },
      {
        "lessThan": "v5.10.37",
        "status": "affected",
        "version": "linux-5.10.y",
        "versionType": "custom"
      },
      {
        "lessThan": "5.7*",
        "status": "affected",
        "version": "v5.7-rc1",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
ubuntu	www.ubuntu.com/security/notices/USN-4950-1
security	www.security.netapp.com/advisory/ntap-20210716-0004/
git	www.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/
openwall	www.openwall.com/lists/oss-security/2021/05/11/13
ubuntu	www.ubuntu.com/security/notices/USN-4949-1
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-21-589/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Jun 2021 02:15Current

8.2High risk

Vulners AI Score8.2

CVSS27.2

CVSS37.8 - 8.8

EPSS0.00011