{"api_version":"1","generated_at":"2026-04-17T18:15:32+00:00","cve":"CVE-2021-33909","urls":{"html":"https://cve.report/CVE-2021-33909","api":"https://cve.report/api/cve/CVE-2021-33909.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-33909","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-33909"},"summary":{"title":"CVE-2021-33909","description":"fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2021-07-20 19:15:00","updated_at":"2023-11-07 03:35:00"},"problem_types":["CWE-787","CWE-190"],"metrics":[],"references":[{"url":"http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html","name":"http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html","refsource":"MISC","tags":[],"title":"Sequoia: A Deep Root In Linux's Filesystem Layer ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2021/07/msg00016.html","name":"[debian-lts-announce] 20210720 [SECURITY] [DLA 2713-2] linux security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2713-2] linux security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2021/07/msg00014.html","name":"[debian-lts-announce] 20210720 [SECURITY] [DLA 2713-1] linux security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2713-1] linux security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2021/08/25/10","name":"[oss-security] 20210825 Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer","refsource":"MLIST","tags":[],"title":"oss-security - Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem\n layer","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2021/09/21/1","name":"[oss-security] 20210920 Re: Containers-optimized OS (COS) membership in the linux-distros list","refsource":"MLIST","tags":[],"title":"oss-security - Re: Containers-optimized OS (COS) membership in the\n linux-distros list","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html","name":"http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html","refsource":"MISC","tags":[],"title":"Kernel Live Patch Security Notice LSN-0081-1 ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2021/09/17/4","name":"[oss-security] 20210917 Re: Containers-optimized OS (COS) membership in the linux-distros list","refsource":"MLIST","tags":[],"title":"oss-security - Re: Containers-optimized OS (COS) membership in the linux-distros list","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20210819-0004/","name":"https://security.netapp.com/advisory/ntap-20210819-0004/","refsource":"CONFIRM","tags":[],"title":"CVE-2021-33909 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4UHHIGISO3FVRF4CQNJS4IKA25ATSFU/","name":"FEDORA-2021-07dc0b3eb1","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 34 Update: kernel-5.13.4-200.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://packetstormsecurity.com/files/163671/Kernel-Live-Patch-Security-Notice-LSN-0079-1.html","name":"http://packetstormsecurity.com/files/163671/Kernel-Live-Patch-Security-Notice-LSN-0079-1.html","refsource":"MISC","tags":["Third Party Advisory"],"title":"Kernel Live Patch Security Notice LSN-0079-1 ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2021/07/22/7","name":"[oss-security] 20210722 Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer","refsource":"MLIST","tags":[],"title":"oss-security - Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem\n layer","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.oracle.com/security-alerts/cpujan2022.html","name":"https://www.oracle.com/security-alerts/cpujan2022.html","refsource":"MISC","tags":[],"title":"Oracle Critical Patch Update Advisory - January 2022","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.openwall.com/lists/oss-security/2021/07/20/1","name":"https://www.openwall.com/lists/oss-security/2021/07/20/1","refsource":"MISC","tags":[],"title":"oss-security - CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem\n layer","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html","name":"http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html","refsource":"MISC","tags":[],"title":"Kernel Live Patch Security Notice LSN-0083-1 ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2021/dsa-4941","name":"DSA-4941","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-4941-1 linux","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/torvalds/linux/commit/8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b","name":"https://github.com/torvalds/linux/commit/8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b","refsource":"CONFIRM","tags":[],"title":"seq_file: disallow extremely large seq buffer allocations · torvalds/linux@8cae8cd · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2021/07/msg00015.html","name":"[debian-lts-announce] 20210720 [SECURITY] [DLA 2714-1] linux-4.19 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2714-1] linux-4.19 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4UHHIGISO3FVRF4CQNJS4IKA25ATSFU/","name":"FEDORA-2021-07dc0b3eb1","refsource":"","tags":[],"title":"[SECURITY] Fedora 34 Update: kernel-5.13.4-200.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015","name":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015","refsource":"CONFIRM","tags":[],"title":"Security Advisory","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2021/09/17/2","name":"[oss-security] 20210916 Containers-optimized OS (COS) membership in the linux-distros list","refsource":"MLIST","tags":[],"title":"oss-security - Containers-optimized OS (COS) membership in the linux-distros list","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4","name":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4","refsource":"CONFIRM","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-33909","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33909","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"33909","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"33909","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"33909","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"34","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"33909","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"33909","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"hci_management_node","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"33909","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"solidfire","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"33909","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"communications_session_border_controller","cpe6":"8.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"33909","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"communications_session_border_controller","cpe6":"8.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"33909","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"communications_session_border_controller","cpe6":"8.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"33909","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"communications_session_border_controller","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"33909","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"sonicwall","cpe5":"sma1000","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"33909","vulnerable":"1","versionEndIncluding":"12.4.2-02044","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"sonicwall","cpe5":"sma1000_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-33909","qid":"159308","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2021-2714)"},{"cve":"CVE-2021-33909","qid":"159310","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2021-2725)"},{"cve":"CVE-2021-33909","qid":"159315","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9368)"},{"cve":"CVE-2021-33909","qid":"159316","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9369)"},{"cve":"CVE-2021-33909","qid":"159317","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9370)"},{"cve":"CVE-2021-33909","qid":"159318","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9371)"},{"cve":"CVE-2021-33909","qid":"159319","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9372)"},{"cve":"CVE-2021-33909","qid":"159322","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2021-9374)"},{"cve":"CVE-2021-33909","qid":"159332","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9395)"},{"cve":"CVE-2021-33909","qid":"159338","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9404)"},{"cve":"CVE-2021-33909","qid":"159339","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9406)"},{"cve":"CVE-2021-33909","qid":"159340","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9407)"},{"cve":"CVE-2021-33909","qid":"159341","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9410)"},{"cve":"CVE-2021-33909","qid":"178710","title":"Debian Security Update for linux (DSA 4941-1)"},{"cve":"CVE-2021-33909","qid":"178712","title":"Debian Security Update for linux (DLA 2713-1)"},{"cve":"CVE-2021-33909","qid":"178713","title":"Debian Security Update for linux-4.19 (DLA 2714-1)"},{"cve":"CVE-2021-33909","qid":"178714","title":"Debian Security Update for linux (DLA 2713-2)"},{"cve":"CVE-2021-33909","qid":"179494","title":"Debian Security Update for linux (CVE-2021-33909)"},{"cve":"CVE-2021-33909","qid":"198435","title":"Ubuntu Security Notification for Linux kernel vulnerability (USN-5014-1) (Sequoia)"},{"cve":"CVE-2021-33909","qid":"198436","title":"Ubuntu Security Notification for Linux kernel (OEM) vulnerabilities (USN-5015-1) (Sequoia)"},{"cve":"CVE-2021-33909","qid":"198437","title":"Ubuntu Security Notification for Linux kernel vulnerabilities (USN-5016-1) (Sequoia)"},{"cve":"CVE-2021-33909","qid":"198438","title":"Ubuntu Security Notification for Linux kernel vulnerabilities (USN-5017-1) (Sequoia)"},{"cve":"CVE-2021-33909","qid":"198459","title":"Ubuntu Security Notification for Linux, Linux-aws, Linux-aws-hwe, Linux-azure, Linux-azure-4.15, Linux-gcp, (USN-5018-1)"},{"cve":"CVE-2021-33909","qid":"239495","title":"Red Hat Update for kpatch-patch (RHSA-2021:2727) (Sequoia)"},{"cve":"CVE-2021-33909","qid":"239497","title":"Red Hat Update for kpatch-patch (RHSA-2021:2723) (Sequoia)"},{"cve":"CVE-2021-33909","qid":"239498","title":"Red Hat Update for kernel (RHSA-2021:2722) (Sequoia)"},{"cve":"CVE-2021-33909","qid":"239500","title":"Red Hat Update for kpatch-patch (RHSA-2021:2720) (Sequoia)"},{"cve":"CVE-2021-33909","qid":"239501","title":"Red Hat Update for kernel-rt (RHSA-2021:2719) (Sequoia)"},{"cve":"CVE-2021-33909","qid":"239502","title":"Red Hat Update for kernel (RHSA-2021:2718) (Sequoia)"},{"cve":"CVE-2021-33909","qid":"239504","title":"Red Hat Update for kpatch-patch (RHSA-2021:2716) (Sequoia)"},{"cve":"CVE-2021-33909","qid":"239505","title":"Red Hat Update for kernel-rt (RHSA-2021:2715) (Sequoia)"},{"cve":"CVE-2021-33909","qid":"239506","title":"Red Hat Update for kernel (RHSA-2021:2714) (Sequoia)"},{"cve":"CVE-2021-33909","qid":"239520","title":"Red Hat Update for OpenShift Container Platform 4.7.21 (RHSA-2021:2763)"},{"cve":"CVE-2021-33909","qid":"239521","title":"Red Hat Update for kpatch-patch (RHSA-2021:2729)"},{"cve":"CVE-2021-33909","qid":"239522","title":"Red Hat Update for kernel (RHSA-2021:2728)"},{"cve":"CVE-2021-33909","qid":"239523","title":"Red Hat Update for kernel-rt (RHSA-2021:2726)"},{"cve":"CVE-2021-33909","qid":"239524","title":"Red Hat Update for kernel (RHSA-2021:2725)"},{"cve":"CVE-2021-33909","qid":"257100","title":"CentOS Security Update for kernel (CESA-2021:2725)"},{"cve":"CVE-2021-33909","qid":"281734","title":"Fedora Security Update for kernel (FEDORA-2021-07dc0b3eb1)"},{"cve":"CVE-2021-33909","qid":"352491","title":"Amazon Linux Security Advisory for kernel: ALAS-2021-1524"},{"cve":"CVE-2021-33909","qid":"352493","title":"Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-059"},{"cve":"CVE-2021-33909","qid":"352494","title":"Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-058"},{"cve":"CVE-2021-33909","qid":"352495","title":"Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-057"},{"cve":"CVE-2021-33909","qid":"352496","title":"Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-056"},{"cve":"CVE-2021-33909","qid":"352497","title":"Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-055"},{"cve":"CVE-2021-33909","qid":"352500","title":"Amazon Linux Security Advisory for kernel: ALAS2-2021-1691"},{"cve":"CVE-2021-33909","qid":"352828","title":"Amazon Linux Security Advisory for kernel: ALAC2012-2021-027"},{"cve":"CVE-2021-33909","qid":"352829","title":"Amazon Linux Security Advisory for kmod-sfc: ALAC2012-2021-028"},{"cve":"CVE-2021-33909","qid":"352830","title":"Amazon Linux Security Advisory for kmod-mlx5: ALAC2012-2021-029"},{"cve":"CVE-2021-33909","qid":"352831","title":"Amazon Linux Security Advisory for kernel: ALAC2012-2021-030"},{"cve":"CVE-2021-33909","qid":"352832","title":"Amazon Linux Security Advisory for kmod-sfc: ALAC2012-2021-031"},{"cve":"CVE-2021-33909","qid":"352833","title":"Amazon Linux Security Advisory for kmod-mlx5: ALAC2012-2021-032"},{"cve":"CVE-2021-33909","qid":"353146","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2022-005"},{"cve":"CVE-2021-33909","qid":"353157","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2022-003"},{"cve":"CVE-2021-33909","qid":"375710","title":"Linux Kernel Local Privilege Escalation Vulnerability (Sequoia)"},{"cve":"CVE-2021-33909","qid":"390220","title":"Oracle Managed Virtualization (VM) Server for x86 Security Update for kernel (OVMSA-2021-0025)"},{"cve":"CVE-2021-33909","qid":"390224","title":"Oracle Managed Virtualization (VM) Server for x86 Security Update for kernel (OVMSA-2021-0023)"},{"cve":"CVE-2021-33909","qid":"610386","title":"Google Android Devices December 2021 Security Patch Missing"},{"cve":"CVE-2021-33909","qid":"610391","title":"Google Android January 2022 Security Patch Missing for Samsung"},{"cve":"CVE-2021-33909","qid":"610392","title":"Google Android January 2022 Security Patch Missing for Huawei EMUI"},{"cve":"CVE-2021-33909","qid":"6140208","title":"AWS Bottlerocket Security Update for kernel (GHSA-73f7-3962-2mrj)"},{"cve":"CVE-2021-33909","qid":"670707","title":"EulerOS Security Update for kernel (EulerOS-SA-2021-2465)"},{"cve":"CVE-2021-33909","qid":"670744","title":"EulerOS Security Update for kernel (EulerOS-SA-2021-2502)"},{"cve":"CVE-2021-33909","qid":"670949","title":"EulerOS Security Update for kernel (EulerOS-SA-2021-2570)"},{"cve":"CVE-2021-33909","qid":"671033","title":"EulerOS Security Update for kernel (EulerOS-SA-2021-2569)"},{"cve":"CVE-2021-33909","qid":"671047","title":"EulerOS Security Update for kernel (EulerOS-SA-2021-2588)"},{"cve":"CVE-2021-33909","qid":"730155","title":"McAfee Web Gateway Multiple Vulnerabilities(WP-3580, WP-3656, WP-3815, WP-3878, WP-3882, WP-3934,WP-3935, WP-3936, WP-3999)"},{"cve":"CVE-2021-33909","qid":"750844","title":"SUSE Enterprise Linux Security Update for kernel (SUSE-SU-2021:2407-1)"},{"cve":"CVE-2021-33909","qid":"750847","title":"OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:2409-1)"},{"cve":"CVE-2021-33909","qid":"750848","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2416-1)(Sequoia)"},{"cve":"CVE-2021-33909","qid":"750851","title":"OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:2415-1)(Sequoia)"},{"cve":"CVE-2021-33909","qid":"750864","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2421-1)"},{"cve":"CVE-2021-33909","qid":"750868","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2427-1)"},{"cve":"CVE-2021-33909","qid":"750869","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2422-1)"},{"cve":"CVE-2021-33909","qid":"750877","title":"OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:2427-1)"},{"cve":"CVE-2021-33909","qid":"750880","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2451-1)"},{"cve":"CVE-2021-33909","qid":"750887","title":"OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:1076-1)"},{"cve":"CVE-2021-33909","qid":"750899","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (SUSE-SU-2021:2538-1)"},{"cve":"CVE-2021-33909","qid":"751437","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3876-1)"},{"cve":"CVE-2021-33909","qid":"751441","title":"OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3876-1)"},{"cve":"CVE-2021-33909","qid":"900096","title":"CBL-Mariner Linux Security Update for kernel 5.10.52.1"},{"cve":"CVE-2021-33909","qid":"900304","title":"CBL-Mariner Linux Security Update for kernel 5.10.57.1"},{"cve":"CVE-2021-33909","qid":"900319","title":"CBL-Mariner Linux Security Update for kernel 5.10.60.1"},{"cve":"CVE-2021-33909","qid":"901371","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (6565-1)"},{"cve":"CVE-2021-33909","qid":"903049","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (4638)"},{"cve":"CVE-2021-33909","qid":"905954","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (4638-1)"},{"cve":"CVE-2021-33909","qid":"940164","title":"AlmaLinux Security Update for kernel (ALSA-2021:2714)"},{"cve":"CVE-2021-33909","qid":"960070","title":"Rocky Linux Security Update for kernel (RLSA-2021:2714)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2021-33909","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"refsource":"MLIST","name":"[debian-lts-announce] 20210720 [SECURITY] [DLA 2713-2] linux security update","url":"https://lists.debian.org/debian-lts-announce/2021/07/msg00016.html"},{"refsource":"MLIST","name":"[debian-lts-announce] 20210720 [SECURITY] [DLA 2713-1] linux security update","url":"https://lists.debian.org/debian-lts-announce/2021/07/msg00014.html"},{"refsource":"MLIST","name":"[debian-lts-announce] 20210720 [SECURITY] [DLA 2714-1] linux-4.19 security update","url":"https://lists.debian.org/debian-lts-announce/2021/07/msg00015.html"},{"refsource":"DEBIAN","name":"DSA-4941","url":"https://www.debian.org/security/2021/dsa-4941"},{"refsource":"FEDORA","name":"FEDORA-2021-07dc0b3eb1","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4UHHIGISO3FVRF4CQNJS4IKA25ATSFU/"},{"refsource":"MLIST","name":"[oss-security] 20210722 Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer","url":"http://www.openwall.com/lists/oss-security/2021/07/22/7"},{"refsource":"MLIST","name":"[oss-security] 20210825 Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer","url":"http://www.openwall.com/lists/oss-security/2021/08/25/10"},{"refsource":"MLIST","name":"[oss-security] 20210916 Containers-optimized OS (COS) membership in the linux-distros list","url":"http://www.openwall.com/lists/oss-security/2021/09/17/2"},{"refsource":"MLIST","name":"[oss-security] 20210917 Re: Containers-optimized OS (COS) membership in the linux-distros list","url":"http://www.openwall.com/lists/oss-security/2021/09/17/4"},{"refsource":"MLIST","name":"[oss-security] 20210920 Re: Containers-optimized OS (COS) membership in the linux-distros list","url":"http://www.openwall.com/lists/oss-security/2021/09/21/1"},{"url":"https://www.oracle.com/security-alerts/cpujan2022.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"refsource":"MISC","name":"https://www.openwall.com/lists/oss-security/2021/07/20/1","url":"https://www.openwall.com/lists/oss-security/2021/07/20/1"},{"refsource":"CONFIRM","name":"https://github.com/torvalds/linux/commit/8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b","url":"https://github.com/torvalds/linux/commit/8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b"},{"refsource":"CONFIRM","name":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html","url":"http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/163671/Kernel-Live-Patch-Security-Notice-LSN-0079-1.html","url":"http://packetstormsecurity.com/files/163671/Kernel-Live-Patch-Security-Notice-LSN-0079-1.html"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20210819-0004/","url":"https://security.netapp.com/advisory/ntap-20210819-0004/"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html","url":"http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html","url":"http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html"},{"refsource":"CONFIRM","name":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015","url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015"}]}},"nvd":{"publishedDate":"2021-07-20 19:15:00","lastModifiedDate":"2023-11-07 03:35:00","problem_types":["CWE-787","CWE-190"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":7.2},"severity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.52","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.12.19","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"5.13.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.12.43","versionEndExcluding":"3.13","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.16","versionEndExcluding":"4.4.276","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"4.9.276","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"4.14.240","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"4.19.198","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.134","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_session_border_controller:8.3:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:communications_session_border_controller:8.2:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:sonicwall:sma1000_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"12.4.2-02044","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:sonicwall:sma1000:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"33909","Ordinal":"209358","Title":"CVE-2021-33909","CVE":"CVE-2021-33909","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"33909","Ordinal":"1","NoteData":"fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"33909","Ordinal":"2","NoteData":"2021-07-20","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"33909","Ordinal":"3","NoteData":"2022-02-07","Type":"Other","Title":"Modified"}]}}}