An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message.

References

packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html

blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html

bugzilla.suse.com/show_bug.cgi?id=1182715

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec98ea7070e94cc25a422ec97d1421e28d97b7ee

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f9dbdf97a5bd92b1a49cee3d591b55b11fd7a6d5

lists.debian.org/debian-lts-announce/2021/03/msg00010.html

lists.debian.org/debian-lts-announce/2021/03/msg00035.html

security.netapp.com/advisory/ntap-20210409-0001/

www.openwall.com/lists/oss-security/2021/03/06/1

www.oracle.com/security-alerts/cpuoct2021.html

cbl_mariner 2

ubuntucve 1

cvelist 1

veracode 1

debiancve 1

redhatcve 1

cve 1

nvd 1

nessus 82

redhat 23

oraclelinux 13

openvas 36

osv 6

cloudfoundry 1

virtuozzo 2

centos 1

ubuntu 4

slackware 1

cloudlinux 1

photon 6

ibm 4

mageia 2

amazon 2

almalinux 1

debian 2

suse 2

redos 1

cbl_mariner

CVE-2021-27365 affecting package kernel for versions less than 5.10.78.1-1

2022-04-09 06:52:47

CVE-2021-27365 affecting package kernel 5.10.189.1-1

2021-09-09 15:03:26

ubuntucve

CVE-2021-27365

2021-03-07 00:00:00

cvelist

CVE-2021-27365

2021-03-07 04:22:58

veracode

Privilege Escalation

2021-04-07 09:16:26

debiancve

CVE-2021-27365

2021-03-07 05:15:13

redhatcve

CVE-2021-27365

2021-03-05 19:04:14

cve

CVE-2021-27365

2021-03-07 05:15:13

nvd

CVE-2021-27365

2021-03-07 05:15:13

nessus

RHEL 7 : kpatch-patch (RHSA-2021:1069)

2021-04-06 00:00:00

RHEL 8 : kpatch-patch (RHSA-2021:1173)

2021-04-13 00:00:00

RHEL 7 : kpatch-patch (RHSA-2021:1377)

2021-05-03 00:00:00

redhat

(RHSA-2021:1069) Important: kpatch-patch security update

2021-04-06 07:27:25

(RHSA-2021:1173) Important: kpatch-patch security update

2021-04-13 10:01:55

(RHSA-2021:1071) Important: kernel security and bug fix update

2021-04-06 07:28:22

oraclelinux

Unbreakable Enterprise kernel-container security update

2021-03-18 00:00:00

Unbreakable Enterprise kernel security update

2021-03-17 00:00:00

Unbreakable Enterprise kernel-container security update

2021-03-17 00:00:00

openvas

Ubuntu: Security Advisory (USN-4883-1)

2021-03-20 00:00:00

SUSE: Security Advisory (SUSE-SU-2021:1145-1)

2021-04-19 00:00:00

SUSE: Security Advisory (SUSE-SU-2021:1075-1)

2021-04-19 00:00:00

osv

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

2021-03-29 16:52:26

linux, linux-lts-xenial vulnerabilities

2021-03-25 03:09:57

linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.3, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-kvm, linux-oem-5.10, linux-oem-5.6, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-raspi2-5.3 vulnerabilities

2021-03-23 21:57:53

cloudfoundry

USN-4883-1: Linux kernel vulnerabilities | Cloud Foundry

2021-04-14 00:00:00

virtuozzo

[Important] [Security] Virtuozzo ReadyKernel patch 125.0 for Virtuozzo Hybrid Server 7.0, 7.5, Virtuozzo Infrastructure Platform 3.0, and Virtuozzo Hybrid Infrastructure 3.5, 4.0

2021-04-05 00:00:00

[Important] [Security] New kernel 2.6.32-042stab146.1; Virtuozzo 6.0 Update 12 Hotfix 54 (6.0.12-3761)

2021-08-03 00:00:00

centos

bpftool, kernel, perf, python security update

2021-04-10 17:09:38

ubuntu

Linux kernel vulnerabilities

2021-03-25 00:00:00

Linux kernel vulnerabilities

2021-03-29 00:00:00

Linux kernel (Trusty HWE) vulnerabilities

2021-04-06 00:00:00

slackware

[slackware-security] Slackware 14.2 kernel

2021-03-14 04:08:15

cloudlinux

Fix of CVE: CVE-2021-27364, CVE-2021-27363, CVE-2021-27365

2021-09-21 22:01:04

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0375

2021-03-27 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0332

2021-03-27 00:00:00

Important Photon OS Security Update - PHSA-2021-0375

2021-03-24 00:00:00

ibm

Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management

2021-09-23 03:53:04

Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to using components with known vulnerabilities

2021-07-30 05:04:09

Security Bulletin: Vulnerabilities in the Linux Kernel, Docker, Python, and NGINX affect IBM Spectrum Protect Plus

2021-12-10 18:57:01

mageia

Updated kernel packages fix security issues

2021-03-22 20:17:19

Updated kernel-linus packages fix security issues

2021-03-22 20:17:19

amazon

Important: kernel

2021-03-18 17:29:00

Important: kernel

2021-03-18 01:13:00

almalinux

Important: kernel security, bug fix, and enhancement update

2021-04-06 13:33:17

debian

[SECURITY] [DLA 2610-1] linux-4.19 security update

2021-03-30 21:45:31

[SECURITY] [DLA 2586-1] linux security update

2021-03-09 18:08:10

suse

Security update for the Linux Kernel (important)

2021-04-10 00:00:00

Security update for the Linux Kernel (important)

2021-05-22 00:00:00

redos

ROS-20220919-01

2022-09-19 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

39.2%

JSON

Related for PRION:CVE-2021-27365