vulnerability

Oracle Linux: CVE-2021-4002: ELSA-2022-1988: kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:L/AC:L/Au:N/C:P/I:P/A:N)	Nov 25, 2021	Apr 26, 2022	Jul 21, 2025

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:N)

Published

Nov 25, 2021

Added

Apr 26, 2022

Modified

Jul 21, 2025

Description

A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data.

Solutions

oracle-linux-upgrade-kerneloracle-linux-upgrade-kernel-uek

References

CVE-2021-4002
https://attackerkb.com/topics/CVE-2021-4002
ELSA-ELSA-2022-1988
ELSA-ELSA-2022-9313
ELSA-ELSA-2022-9314
ELSA-ELSA-2022-9348
CWE-459
CWE-401

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today