vulnerability
CentOS Linux: CVE-2021-4083: Important: kpatch-patch security update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:N/C:C/I:C/A:C) | 2022-01-18 | 2022-04-06 | 2023-05-25 |
Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
2022-01-18
Added
2022-04-06
Modified
2023-05-25
Description
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4.
Solution(s)
centos-upgrade-kernelcentos-upgrade-kernel-rtcentos-upgrade-kpatch-patch-3_10_0-1160_24_1centos-upgrade-kpatch-patch-3_10_0-1160_24_1-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_25_1centos-upgrade-kpatch-patch-3_10_0-1160_25_1-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_31_1centos-upgrade-kpatch-patch-3_10_0-1160_31_1-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_36_2centos-upgrade-kpatch-patch-3_10_0-1160_36_2-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_41_1centos-upgrade-kpatch-patch-3_10_0-1160_41_1-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_42_2centos-upgrade-kpatch-patch-3_10_0-1160_42_2-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_45_1centos-upgrade-kpatch-patch-3_10_0-1160_45_1-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_49_1centos-upgrade-kpatch-patch-3_10_0-1160_49_1-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_53_1centos-upgrade-kpatch-patch-3_10_0-1160_53_1-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_59_1centos-upgrade-kpatch-patch-3_10_0-1160_59_1-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.