vulnerability

Oracle Linux: CVE-2021-4002: ELSA-2022-9348: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:L/AC:L/Au:N/C:P/I:P/A:N)	2021-11-25	2022-04-26	2025-01-23

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:N)

Published

2021-11-25

Added

2022-04-26

Modified

2025-01-23

Description

A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data.

Solution(s)

oracle-linux-upgrade-kerneloracle-linux-upgrade-kernel-uek

References

CVE-2021-4002
https://attackerkb.com/topics/CVE-2021-4002
ELSA-ELSA-2022-9348
ELSA-ELSA-2022-9314
ELSA-ELSA-2022-1988
ELSA-ELSA-2022-9313

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today