5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.3%
A flaw was found in the Linux kernel. Measuring usage of the shared memory
does not scale with large shared memory segment counts which could lead to
resource exhaustion and DoS.
Author | Note |
---|---|
sbeattie | I think the issue is what is being addressed in the referenced lkml thread. |
rodrigo-zaiden | USN-5975-1 first publication included esm/xenial linux-gcp version 4.15.0-1146.162~16.04.1 by mistake, it got fixed in version 4.15.0-1147.163~16.04.1 as published in USN-6009-1. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux-aws | < 5.4.0-1099.107 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < 4.15.0-1153.166 | UNKNOWN |
ubuntu | 16.04 | noarch | linux-aws | < 4.4.0-1155.170) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 14.04 | noarch | linux-aws | < 4.4.0-1117.123) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 16.04 | noarch | linux-aws-hwe | < 4.15.0-1153.166~16.04.1) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < 5.4.0-1105.111 | UNKNOWN |
ubuntu | 14.04 | noarch | linux-azure | < 4.15.0-1162.177~14.04.1) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 16.04 | noarch | linux-azure | < 4.15.0-1162.177~16.04.1) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 18.04 | noarch | linux-azure-4.15 | < 4.15.0-1162.177 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-raspi2 | < 4.15.0-1129.137 | UNKNOWN |
launchpad.net/bugs/cve/CVE-2021-3669
lore.kernel.org/all/[email protected]/
nvd.nist.gov/vuln/detail/CVE-2021-3669
security-tracker.debian.org/tracker/CVE-2021-3669
ubuntu.com/security/notices/USN-5924-1
ubuntu.com/security/notices/USN-5927-1
ubuntu.com/security/notices/USN-5975-1
ubuntu.com/security/notices/USN-5980-1
ubuntu.com/security/notices/USN-5981-1
ubuntu.com/security/notices/USN-5984-1
ubuntu.com/security/notices/USN-5985-1
ubuntu.com/security/notices/USN-5991-1
ubuntu.com/security/notices/USN-6001-1
ubuntu.com/security/notices/USN-6009-1
ubuntu.com/security/notices/USN-6013-1
ubuntu.com/security/notices/USN-6014-1
ubuntu.com/security/notices/USN-6020-1
ubuntu.com/security/notices/USN-6030-1
ubuntu.com/security/notices/USN-6151-1
www.cve.org/CVERecord?id=CVE-2021-3669
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.3%