CVE-2021-4197

Updated: 2023-11-07 19:12:46.496805

Description:

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x HIGH 7.2
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU kernel 5.14.0 7.8 HIGH Already Fixed 2024-01-20 08:38:43
AlmaLinux 9.2 FIPS kernel 5.14.0 7.8 HIGH Already Fixed 2024-01-20 08:37:50
CentOS 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2023-04-13 03:22:34
CentOS 7 ELS kernel 3.10.0 7.8 HIGH Not Vulnerable 2024-07-01 10:09:55
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2023:1686585068 2023-06-13 09:12:59
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2023:1686651204 2023-06-13 09:12:58
CentOS Stream 8 ELS kernel 4.18.0 7.8 HIGH Already Fixed 2024-06-09 11:20:36
CloudLinux 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2023-04-13 03:22:34
CloudLinux 7 ELS kernel 3.10.0 7.8 HIGH Needs Triage 2024-09-06 04:49:47
Oracle Linux 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2023-04-13 03:22:34
Total: 13