1. Home
  2. Vulnerabilities
  3. CVE-2021-20265

CVE-2021-20265

CVSS v3.1 5.5 (Medium)
55% Progress
CVSS v2.0 4.9 (Medium)
49% Progress
EPSS 0.04 % (11th)
0.04% Progress
Affected Products 2
Advisories 6
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability.

Weaknesses
CWE-400
Uncontrolled Resource Consumption
CWE-401
Missing Release of Memory after Effective Lifetime
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2021-03-10 16:15:16
(3 years ago)
Updated Date
2022-08-05 17:52:01
(2 years ago)

Affected Products

Linux

Oracle

Configuration #1

    CPE23 From Up To
  Linux Kernel cpe:2.3:o:linux:linux_kernel:-

Configuration #2

    CPE23 From Up To
  Oracle Tekelec Platform Distribution from 7.4.0 version and 7.7.1 and prior versions cpe:2.3:a:oracle:tekelec_platform_distribution >= 7.4.0 <= 7.7.1