Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMED670677BEE7F824FAA4922AD08CFBF43478203FCCB636E589E6854737336228
HistoryJun 09, 2022 - 5:51 p.m.

Security Bulletin: Vulnerabilities in the Linux Kernel affect IBM Spectrum Copy Data Management

2022-06-0917:51:49
www.ibm.com
63

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

67.6%

JSON

Summary

Linux Kernel vulnerabilities, such as obtaining sensitive information, bypassing security restrictions, denial of service, elevation of privileges, and execution of arbitrary code on the system, may affect IBM Spectrum Copy Data Management.

Vulnerability Details

CVEID:CVE-2022-0850
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the copy_page_to_iter() function in iov_iter.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, or cause a denial of service condition.
CVSS Base score: 4.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/224232 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L)

CVEID:CVE-2021-45485
**DESCRIPTION:**Linux Kernel could allow a local attacker to obtain sensitive information, caused by improperly consider attacks from many IPv6 source addresses in net/ipv6/output_core.c in the IPv6 implementation. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/216133 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2021-20322
**DESCRIPTION:**Linux Kernel could allow a remote attacker to bypass security restrictions, caused by an error in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality that allows the ability to quickly scan open UDP ports. An off-path remote attacker could exploit this vulnerability to bypass the source port UDP randomization and affect the confidentiality and integrity of the system.
CVSS Base score: 7.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/212886 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)

CVEID:CVE-2021-31916
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds (OOB) memory write flaw in the list_devices function in drivers/md/dm-ioctl.c. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause system crash or a leak of internal kernel information.
CVSS Base score: 6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/201512 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H)

CVEID:CVE-2021-4083
**DESCRIPTION:**Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a read-after-free memory flaw in the garbage collection for Unix domain socket file handlers. By simultaneously calling close() and fget() functions to trigger a race condition, an attacker could exploit this vulnerability to gain elevated privileges or cause the system to crash.
CVSS Base score: 7.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/216849 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2021-4203
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free read flaw in the sock_getsockopt() function in net/core/sock.c. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to crash the system or obtain internal kernel information.
CVSS Base score: 7.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/222609 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H)

CVEID:CVE-2022-22942
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by improper file descriptor handling in the vmwgfx driver. By sending a specially-crafted ioctl call, an attacker could exploit this vulnerability to gain access to files opened by other processes on the system, and use this information to launch further attacks against the affected system.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/218323 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2021-3669
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service. Reading /proc/sysvipc/shm does not scale with large shared memory segment counts. A local attacker could exploit this vulnerability to exhaust all available resources.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/213319 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2021-20269
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by incorrect permissions on vmcore-dmesg.txt file in kexec-tools. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain kernel internal information, and use this information to launch further attacks against the affected system.
CVSS Base score: 4.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/198071 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2021-41864
**DESCRIPTION:**Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by an eBPF multiplication integer overflow in the prealloc_elems_and_freelist function in kernel/bpf/stackmap.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/210630 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2021-45486
**DESCRIPTION:**Linux Kernel could allow a local attacker to obtain sensitive information, caused by the use of small hash table in net/ipv4/route.c in the IPv4 implementation. By utilize cryptographic attack techniques, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/216134 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2021-4155
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by data leak flaw in the way how XFS_IOC_ALLOCSP IOCTL in the XFS filesystem is allowed for size increase of files with unaligned size. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information on the XFS filesystem, and use this information to launch further attacks against the affected system.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/216919 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2020-25704
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the perf_event_parse_addr_filter function. By executing a specially-crafted program, a local attacker could exploit this vulnerability to exhaust available memory on the system.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/191348 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2020-36322
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a flaw in the fuse_do_getattr function in the FUSE filesystem implementation in . By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/200230 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2021-3635
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a missing generation check during DELTABLE processing in the netfilter implementation. By sending specially-crafted netfilter netflow commands, a local authenticated attacker could exploit this vulnerability to cause a panic on the system, and results in a denial of service condition.
CVSS Base score: 4.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/207460 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2021-3764
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the ccp_run_aes_gcm_cmd() function in crypto. By sending a specially-crafted request, a loal authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/213732 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-1011
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the FUSE filesystem. By sending a specially-crafted request using the write() function, an authenticated attacker could exploit this vulnerability to gain unauthorized access to some data from the FUSE filesystem to gain elevated privileges.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/222171 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2021-4028
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free in the implementation of RDMA communications manager listener code. By sending a specially-crafted request, an attacker could exploit this vulnerability to crash the system or gain elevated privileges on the system.
CVSS Base score: 7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/226067 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2021-4002
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to bypass security restrictions, caused by a flaw when running mmap() using the MAP_HUGETLB or shmget() with SHM_HUGETLB. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain or change data that resides on hugetlbfs.
CVSS Base score: 7.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/214095 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Spectrum Copy Data Management 2.2.0.0-2.2.15.0

Remediation/Fixes

IBM Spectrum Copy Data Management Affected Versions|Fixing Level|Platform|**Link to Fix and Instructions
**
—|—|—|—
2.2.0.0-2.2.15.0| 2.2.16| Linux| <https://www.ibm.com/support/pages/node/6579847&gt;

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm spectrum copy data managementeq2.2

Related

ibm 7
nessus 66
openvas 25
ubuntucve 7
redhat 22
oraclelinux 3
virtuozzo 2
ubuntu 7
osv 9
centos 1
suse 1
mageia 2
debiancve 6
cve 6
prion 6
almalinux 1
veracode 5
photon 1
redhatcve 6
rocky 2
cbl_mariner 9
broadcom 2
githubexploit 1
cloudfoundry 1
f5 1
ibm
ibm
Security Bulletin: IBM DataPower Gateway vulnerable to network state information leakage (CVE-2021-20322, CVE-2021-45485, CVE-2021-45486)
2022-12-16 21:16:31
Security Bulletin: Multiple vulnerabilities in Linux Kernel affect IBM Spectrum Protect Plus
2022-06-29 23:37:51
Security Bulletin: There are multiple vulnerabilities in the Linux Kernel used in IBM Elastic Storage System
2022-08-29 11:21:56
nessus
nessus
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-1227)
2022-02-25 00:00:00
RHEL 7 : kpatch-patch (RHSA-2022:1373)
2022-04-14 00:00:00
RHEL 7 : kernel (RHSA-2022:1324)
2022-04-12 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1227)
2022-02-26 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1328)
2022-03-21 00:00:00
Ubuntu: Security Advisory (USN-5295-1)
2022-02-18 00:00:00
ubuntucve
ubuntucve
CVE-2021-45485
2021-12-25 00:00:00
CVE-2021-20269
2022-03-10 00:00:00
CVE-2021-45486
2021-12-25 00:00:00
redhat
redhat
(RHSA-2022:1324) Important: kernel security and bug fix update
2022-04-12 13:50:29
(RHSA-2022:1373) Important: kpatch-patch security update
2022-04-13 19:03:59
(RHSA-2022:0958) Important: kpatch-patch-4_18_0-147_58_1 security and bug fix update
2022-03-17 16:08:02
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2022-04-06 00:00:00
kernel security and bug fix update
2022-01-11 00:00:00
kexec-tools security, bug fix, and enhancement update
2021-11-16 00:00:00
virtuozzo
virtuozzo
[Important] [Security] Virtuozzo ReadyKernel patch 140.0 for Virtuozzo Hybrid Server 7.0, 7.5
2022-04-15 00:00:00
[Important] [Security] Virtuozzo ReadyKernel patch 146.1 for Virtuozzo Hybrid Server 7.5
2022-08-22 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2022-02-22 00:00:00
Linux kernel (HWE) vulnerabilities
2022-02-18 00:00:00
Linux kernel (OEM 5.14) vulnerabilities
2021-11-11 00:00:00
osv
osv
linux-hwe-5.13 vulnerabilities
2022-02-18 00:41:45
linux, linux-aws, linux-aws-5.13, linux-azure, linux-gcp, linux-kvm, linux-oracle, linux-oracle-5.13, linux-raspi vulnerabilities
2022-02-22 07:14:53
linux-oem-5.14 vulnerabilities
2021-11-11 05:40:50
centos
centos
bpftool, kernel, perf, python security update
2022-01-18 13:57:43
suse
suse
Security update for the Linux Kernel (important)
2021-12-06 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2021-10-25 18:49:26
Updated kernel-linus packages fix security vulnerabilities
2021-10-25 18:49:26
debiancve
debiancve
CVE-2021-20269
2022-03-10 17:41:00
CVE-2021-45485
2021-12-25 02:15:00
CVE-2021-45486
2021-12-25 02:15:00
cve
cve
CVE-2021-20269
2022-03-10 17:41:00
CVE-2021-45485
2021-12-25 02:15:00
CVE-2021-45486
2021-12-25 02:15:00
prion
prion
Design/Logic Flaw
2022-03-10 17:41:00
Design/Logic Flaw
2021-05-06 17:15:00
Information disclosure
2021-12-25 02:15:00
almalinux
almalinux
Low: kexec-tools security, bug fix, and enhancement update
2021-11-09 09:17:49
veracode
veracode
Denial Of Service (DoS)
2021-11-13 00:40:51
Information Disclosure
2022-01-26 04:33:25
Denial Of Service (DoS)
2021-01-07 19:22:49
photon
photon
Important Photon OS Security Update - PHSA-2021-3.0-0325
2021-11-04 00:00:00
redhatcve
redhatcve
CVE-2021-20269
2021-03-08 09:33:30
CVE-2021-45486
2022-01-12 23:23:40
CVE-2020-25704
2020-11-09 14:59:39
rocky
rocky
kexec-tools security, bug fix, and enhancement update
2021-11-09 09:17:49
kernel-rt security and bug fix update
2022-05-10 06:42:36
cbl_mariner
cbl_mariner
CVE-2021-31916 affecting package kernel 5.10.189.1-1
2021-09-09 15:03:26
CVE-2020-25704 affecting package kernel 5.4.91-6
2021-01-29 07:40:05
CVE-2021-45486 affecting package kernel 5.10.189.1-1
2022-01-26 22:54:05
broadcom
broadcom
net ipv4 route.c has an information leak because the hash table is very small
2023-08-01 00:00:00
net ipv6 output_core.c has an information leak because of certain use of a hash
2023-08-01 00:00:00
githubexploit
githubexploit
Exploit for Use of a Broken or Risky Cryptographic Algorithm in Linux Linux Kernel
2022-04-28 07:38:04
cloudfoundry
cloudfoundry
USN-5294-2: Linux kernel vulnerabilities | Cloud Foundry
2022-03-11 00:00:00
f5
f5
K44994972 : Linux kernel vulnerability CVE-2020-25704
2022-03-31 00:00:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

67.6%

JSON
Related for ED670677BEE7F824FAA4922AD08CFBF43478203FCCB636E589E6854737336228
ibm7nessus66openvas25ubuntucve7redhat22oraclelinux3virtuozzo2ubuntu7osv9centos1suse1mageia2debiancve6cve6prion6almalinux1veracode5photon1redhatcve6rocky2cbl_mariner9broadcom2githubexploit1cloudfoundry1f51