CVE-2021-3492
Description
Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (kernel memory exhaustion) or gain privileges via executing arbitrary code. AKA ZDI-CAN-13562.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
24.443
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-4917-1) linux-image-aws_5.4.0.1045.27_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-aws_5.4.0.1045.46_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-aws_5.8.0.1030.32_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-gcp_5.4.0.1042.29_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-gcp_5.4.0.1042.51_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-gcp_5.8.0.1028.28_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-gke_5.8.0.1028.28_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-kvm_5.4.0.1038.36_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-kvm_5.8.0.1024.26_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-oem_5.4.0.72.75_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-oem_5.4.0.72.80~18.04.65_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-azure_5.4.0.1046.25_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-azure_5.4.0.1046.44_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-azure_5.8.0.1029.29_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-gkeop_5.4.0.1014.17_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-oracle_5.4.0.1043.40_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-oracle_5.8.0.1026.25_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-oracle_5.4.0.1043.46~18.04.25_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-generic_5.4.0.72.75_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-generic_5.8.0.50.55_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-gke-5.3_5.3.0.1042.25_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-gke-5.4_5.4.0.1042.44~18.04.8_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-virtual_5.4.0.72.75_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-virtual_5.8.0.50.55_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-oem-osp1_5.4.0.72.75_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-oem-osp1_5.4.0.72.80~18.04.65_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-gkeop-5.3_5.3.0.73.130_i386.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-gkeop-5.3_5.3.0.73.130_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-gkeop-5.4_5.4.0.1014.17_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-gkeop-5.4_5.4.0.1014.15~18.04.15_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-oem-20.04_5.8.0.50.55_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-lowlatency_5.4.0.72.75_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-lowlatency_5.8.0.50.55_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-oem-20.04b_5.10.0.1022.23_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.3.0-1042-gke_5.3.0-1042.45_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-1038-kvm_5.4.0-1038.39_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-1042-gcp_5.4.0-1042.45_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-1042-gcp_5.4.0-1042.45~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-1042-gke_5.4.0-1042.44~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-1045-aws_5.4.0-1045.47_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-1045-aws_5.4.0-1045.47~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.8.0-1024-kvm_5.8.0-1024.26_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.8.0-1028-gcp_5.8.0-1028.29_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.8.0-1030-aws_5.8.0-1030.32_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.10.0-1022-oem_5.10.0-1022.23_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.3.0-73-generic_5.3.0-73.69_i386.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.3.0-73-generic_5.3.0-73.69_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-1014-gkeop_5.4.0-1014.15_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-1014-gkeop_5.4.0-1014.15~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-1046-azure_5.4.0-1046.48_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-1046-azure_5.4.0-1046.48~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-72-generic_5.4.0-72.80_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-72-generic_5.4.0-72.80~18.04.1_i386.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-72-generic_5.4.0-72.80~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.8.0-1029-azure_5.8.0-1029.31_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.8.0-50-generic_5.8.0-50.56_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.8.0-50-generic_5.8.0-50.56~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-1043-oracle_5.4.0-1043.46_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-1043-oracle_5.4.0-1043.46~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.8.0-1026-oracle_5.8.0-1026.27_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-generic-hwe-18.04_5.4.0.72.80~18.04.65_i386.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-generic-hwe-18.04_5.4.0.72.80~18.04.65_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-generic-hwe-20.04_5.8.0.50.56~20.04.34_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-virtual-hwe-18.04_5.4.0.72.80~18.04.65_i386.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-virtual-hwe-18.04_5.4.0.72.80~18.04.65_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-virtual-hwe-20.04_5.8.0.50.56~20.04.34_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.3.0-73-lowlatency_5.3.0-73.69_i386.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.3.0-73-lowlatency_5.3.0-73.69_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-72-lowlatency_5.4.0-72.80_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-72-lowlatency_5.4.0-72.80~18.04.1_i386.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.4.0-72-lowlatency_5.4.0-72.80~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.8.0-50-lowlatency_5.8.0-50.56_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-5.8.0-50-lowlatency_5.8.0-50.56~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-lowlatency-hwe-18.04_5.4.0.72.80~18.04.65_i386.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-lowlatency-hwe-18.04_5.4.0.72.80~18.04.65_amd64.deb | Linux |
| Linux kernel (USN-4917-1) linux-image-lowlatency-hwe-20.04_5.8.0.50.56~20.04.34_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234