1. Home
  2. Vulnerabilities
  3. CVE-2021-4197

CVE-2021-4197

CVSS v3.1 7.8 (High)
78% Progress
CVSS v2.0 7.2 (High)
72% Progress
EPSS 0.04 % (10th)
0.04% Progress
Affected Products 14
Advisories 39
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.

Weaknesses
CWE-287
Improper Authentication
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2022-03-23 20:15:10
(2 years ago)
Updated Date
2023-11-07 03:40:21
(10 months ago)

Affected Products

Broadcom

Debian

Linux

Netapp

Oracle

Configuration #1

    CPE23 From Up To
  Linux Kernel from 4.2 version and prior 4.14.276 version cpe:2.3:o:linux:linux_kernel >= 4.2 < 4.14.276
  Linux Kernel from 4.15 version and prior 4.19.238 version cpe:2.3:o:linux:linux_kernel >= 4.15 < 4.19.238
  Linux Kernel from 4.20 version and prior 5.4.189 version cpe:2.3:o:linux:linux_kernel >= 4.20 < 5.4.189
  Linux Kernel from 5.5 version and prior 5.10.111 version cpe:2.3:o:linux:linux_kernel >= 5.5 < 5.10.111
  Linux Kernel from 5.11 version and prior 5.15.14 version cpe:2.3:o:linux:linux_kernel >= 5.11 < 5.15.14

Configuration #2

    CPE23 From Up To
  Oracle Communications Cloud Native Core Binding Support Function 22.1.1 cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.1
  Oracle Communications Cloud Native Core Binding Support Function 22.1.3 cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3
  Oracle Communications Cloud Native Core Binding Support Function 22.2.0 cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.0
  Debian Linux 10.0 cpe:2.3:o:debian:debian_linux:10.0

Configuration #3

    CPE23 From Up To
  Broadcom Brocade Fabric Operating System Firmware cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-

Configuration #4

AND
    CPE23 From Up To
OR  
  Netapp H300s Firmware cpe:2.3:o:netapp:h300s_firmware:-
OR  
  Running on/with
  Netapp H300s cpe:2.3:h:netapp:h300s:-

Configuration #5

AND
    CPE23 From Up To
OR  
  Netapp H500s Firmware cpe:2.3:o:netapp:h500s_firmware:-
OR  
  Running on/with
  Netapp H500s cpe:2.3:h:netapp:h500s:-

Configuration #6

AND
    CPE23 From Up To
OR  
  Netapp H700s Firmware cpe:2.3:o:netapp:h700s_firmware:-
OR  
  Running on/with
  Netapp H700s cpe:2.3:h:netapp:h700s:-

Configuration #7

AND
    CPE23 From Up To
OR  
  Netapp H410s Firmware cpe:2.3:o:netapp:h410s_firmware:-
OR  
  Running on/with
  Netapp H410s cpe:2.3:h:netapp:h410s:-

Configuration #8

AND
    CPE23 From Up To
OR  
  Netapp H410c Firmware cpe:2.3:o:netapp:h410c_firmware:-
OR  
  Running on/with
  Netapp H410c cpe:2.3:h:netapp:h410c:-