1. Home
  2. Vulnerabilities
  3. CVE-2021-3715

CVE-2021-3715

CVSS v3.1 7.8 (High)
78% Progress
CVSS v2.0 7.2 (High)
72% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 1
Advisories 27
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Weaknesses
CWE-416
Use After Free
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2022-03-02 23:15:08
(2 years ago)
Updated Date
2023-01-24 15:07:31
(20 months ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel from 3.18 version and prior 4.4.218 version cpe:2.3:o:linux:linux_kernel >= 3.18 < 4.4.218
  Linux Kernel from 4.5 version and prior 4.9.218 version cpe:2.3:o:linux:linux_kernel >= 4.5 < 4.9.218
  Linux Kernel from 4.10 version and prior 4.14.175 version cpe:2.3:o:linux:linux_kernel >= 4.10 < 4.14.175
  Linux Kernel from 4.15 version and prior 4.19.114 version cpe:2.3:o:linux:linux_kernel >= 4.15 < 4.19.114
  Linux Kernel from 4.20 version and prior 5.4.29 version cpe:2.3:o:linux:linux_kernel >= 4.20 < 5.4.29
  Linux Kernel from 5.5.0 version and prior 5.5.14 version cpe:2.3:o:linux:linux_kernel >= 5.5.0 < 5.5.14