PT-2021-7296 · Linux+5 · Linux Kernel+5

Haimin Zhang

Published

2021-12-15

Updated

2023-08-14

CVE-2021-4135

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak issue was discovered in the Linux kernel's eBPF related to the Simulated networking device driver. This issue arises when a user utilizes BPF for the device in a way that the nsim map alloc elem function is called. As a result, a local user could exploit this flaw to gain unauthorized access to certain data. The vulnerability is associated with a lack of protection for internal data, which could allow an attacker to gain unauthorized access to the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-401

Related Identifiers

ALT-PU-2022-1175

ALT-PU-2022-1647

ALT-PU-2022-2155

ALT-PU-2023-1684

ALT-PU-2023-1741

ALT-PU-2023-1814

ALT-PU-2023-4894

AZL-10137

BDU:2022-05417

CVE-2021-4135

DLA-2941-1

DSA-5096-1

MGASA-2021-0588

MGASA-2021-0589

OESA-2022-1484

OPENSUSE-SU-2022:0169-1

OPENSUSE-SU-2022:0198-1

OPENSUSE-SU-2022:0366-1

OPENSUSE-SU-2022_0169-1

OPENSUSE-SU-2022_0198-1

OPENSUSE-SU-2022_0366-1

SUSE-SU-2022:0169-1

SUSE-SU-2022:0197-1

SUSE-SU-2022:0198-1

SUSE-SU-2022:0288-1

SUSE-SU-2022:0289-1

SUSE-SU-2022:0364-1

SUSE-SU-2022:0366-1

SUSE-SU-2022:0372-1

SUSE-SU-2022:0555-1

USN-5278-1

USN-5337-1

USN-5338-1

USN-5368-1

USN-5377-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2021-7296 · Linux+5 · Linux Kernel+5

CVE-2021-4135

Weakness Enumeration

Related Identifiers

Affected Products

References · 307