CVE-2021-3635

CVSS v3.1 4.4 (Medium)

CVSS v2.0 4.9 (Medium)

EPSS 0.04 % (13^th)

Affected Products 3

Advisories 5

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.

Weaknesses

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2021-08-13 14:15:07
(3 years ago)
Updated Date: 2021-08-23 20:33:15
(3 years ago)

Affected Products

Configuration #1

	CPE23	Up To
Linux Kernel prior 5.5 version	cpe:2.3:o:linux:linux_kernel	< 5.5
Linux Kernel 5.5 Rc1	cpe:2.3:o:linux:linux_kernel:5.5:rc1
Linux Kernel 5.5 Rc2	cpe:2.3:o:linux:linux_kernel:5.5:rc2
Linux Kernel 5.5 Rc3	cpe:2.3:o:linux:linux_kernel:5.5:rc3
Linux Kernel 5.5 Rc4	cpe:2.3:o:linux:linux_kernel:5.5:rc4
Linux Kernel 5.5 Rc5	cpe:2.3:o:linux:linux_kernel:5.5:rc5
Linux Kernel 5.5 Rc6	cpe:2.3:o:linux:linux_kernel:5.5:rc6

Configuration #2

		CPE23	From	Up To
	Redhat Enterprise Linux 6.0	cpe:2.3:o:redhat:enterprise_linux:6.0
	Redhat Enterprise Linux 7.0	cpe:2.3:o:redhat:enterprise_linux:7.0
	Redhat Enterprise Linux 8.0	cpe:2.3:o:redhat:enterprise_linux:8.0

Configuration #3

		CPE23	From	Up To
	Fedoraproject Fedora 34	cpe:2.3:o:fedoraproject:fedora:34

Weaknesses

Affected Products

Fedoraproject

Linux

Redhat

Configuration #1

Configuration #2

Configuration #3