PT-2021-7856 · Linux+8 · Linux Kernel+8

Yutian Yang

·

Published

2021-07-15

·

Updated

2024-06-15

·

CVE-2021-3759

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A memory overflow issue was found in the Linux kernel's ipc functionality of the memcg subsystem. This occurs when a user calls the semget function multiple times, creating semaphores, due to a lack of control over the allocation of resources. The flaw allows a local user to consume all available resources, leading to a denial of service. The primary threat posed by this issue is to system availability.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Allocation of Resources Without Limits

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-770CWE-400

Related Identifiers

ALSA-2022:1988
BDU:2023-03801
CESA-2022_1975
CESA-2022_1988
CVE-2021-3759
DLA-3244-1
OESA-2021-1453
OPENSUSE-SU-2021:1271-1
OPENSUSE-SU-2021:3179-1
OPENSUSE-SU-2021:3205-1
OPENSUSE-SU-2021:3387-1
OPENSUSE-SU-2021:3876-1
OPENSUSE-SU-2021_1271-1
OPENSUSE-SU-2021_3179-1
OPENSUSE-SU-2021_3205-1
OPENSUSE-SU-2021_3387-1
OPENSUSE-SU-2021_3876-1
OPENSUSE-SU-2024:10728-1
OPENSUSE-SU-2024:13704-1
RHSA-2022:1975
RHSA-2022:1988
RHSA-2022_1975
RHSA-2022_1988
RLSA-2022:1975
RLSA-2022:1988
SUSE-SU-2021:3177-1
SUSE-SU-2021:3178-1
SUSE-SU-2021:3179-1
SUSE-SU-2021:3192-1
SUSE-SU-2021:3205-1
SUSE-SU-2021:3205-2
SUSE-SU-2021:3206-1
SUSE-SU-2021:3207-1
SUSE-SU-2021:3217-1
SUSE-SU-2021:3387-1
SUSE-SU-2021:3415-1
SUSE-SU-2021:3876-1
SUSE-SU-2021:3972-1
USN-5115-1
USN-5117-1
USN-5120-1
USN-5135-1
USN-5136-1
USN-5137-1
USN-5137-2

Affected Products

Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu