CVE-2021-3715
Summary
| CVE | CVE-2021-3715 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-03-02 23:15:00 UTC |
|---|
| Updated | 2023-01-24 15:07:00 UTC |
|---|
| Description | A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
|---|
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|
| Operating System |
Linux |
Linux Kernel |
All |
All |
All |
All |
References
| Reference | Source | Link | Tags |
|---|
| kernel/git/torvalds/linux.git - Linux kernel source tree |
MISC |
git.kernel.org |
|
| net_sched: cls_route: remove the right filter from hashtable · torvalds/linux@ef299cc · GitHub |
MISC |
github.com |
|
| 1993988 – (CVE-2021-3715) CVE-2021-3715 kernel: use-after-free in route4_change() in net/sched/cls_route.c |
MISC |
bugzilla.redhat.com |
|
| oss-security - CVE-2021-3715 Linux kernel: use-after-free in
route4_change() in net/sched/cls_route.c |
MISC |
www.openwall.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 159378 Oracle Enterprise Linux Security Update for kernel (ELSA-2021-3438)
- 159403 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9459)
- 179846 Debian Security Update for linux (CVE-2021-3715)
- 239612 Red Hat Update for kernel (RHSA-2021:3446)
- 239613 Red Hat Update for kernel-rt (RHSA-2021:3445)
- 239614 Red Hat Update for kernel (RHSA-2021:3444)
- 239615 Red Hat Update for kpatch-patch (RHSA-2021:3443)
- 239616 Red Hat Update for kpatch-patch (RHSA-2021:3442)
- 239617 Red Hat Update for kpatch-patch (RHSA-2021:3441)
- 239619 Red Hat Update for kernel-rt (RHSA-2021:3439)
- 239620 Red Hat Update for kernel (RHSA-2021:3438)
- 257115 CentOS Security Update for kernel (CESA-2021:3438)
- 390248 Oracle Managed Virtualization (VM) Server for x86 Security Update for kernel (OVMSA-2021-0035)
- 610418 Google Pixel Android June 2022 Security Patch Missing
- 610422 Google Android July 2022 Security Patch Missing for Huawei EMUI
- 671051 EulerOS Security Update for kernel (EulerOS-SA-2021-2663)
- 751238 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (SUSE-SU-2021:3459-1)
- 751336 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:1460-1)
- 751342 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3641-1)
- 751346 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3655-1)
- 751349 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:1477-1)
- 751353 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3675-1)
- 751381 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3748-1)
- 751437 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3876-1)
- 751441 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3876-1)
- 751451 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3935-1)
- 751476 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3972-1)
