Lucene search

[email protected]CVE-2021-42008

HistoryOct 05, 2021 - 12:15 a.m.

CVE-2021-42008

2021-10-0500:15:00

CWE-787

[email protected]

web.nvd.nist.gov

219

linux kernel

cve-2021-42008

slab out-of-bounds write

cap_net_admin

root access

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

39.6%

JSON

The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt5.13.13
linux:linux_kernellinux linux kernellt4.19.205
linux:linux_kernellinux linux kernellt4.9.281
linux:linux_kernellinux linux kernellt4.14.245
linux:linux_kernellinux linux kernellt4.4.282
linux:linux_kernellinux linux kernellt5.4.143
linux:linux_kernellinux linux kernellt5.10.61
netapp:h300s_firmwarenetapp h300s firmwareeq-
netapp:h500s_firmwarenetapp h500s firmwareeq-
netapp:h700s_firmwarenetapp h700s firmwareeq-

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	5.13.13
linux:linux_kernel	linux linux kernel	lt	4.19.205
linux:linux_kernel	linux linux kernel	lt	4.9.281
linux:linux_kernel	linux linux kernel	lt	4.14.245
linux:linux_kernel	linux linux kernel	lt	4.4.282
linux:linux_kernel	linux linux kernel	lt	5.4.143
linux:linux_kernel	linux linux kernel	lt	5.10.61
netapp:h300s_firmware	netapp h300s firmware	eq	-
netapp:h500s_firmware	netapp h500s firmware	eq	-
netapp:h700s_firmware	netapp h700s firmware	eq	-