vulnerability

Oracle Linux: CVE-2021-4002: ELSA-2022-9348: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:L/AC:L/Au:N/C:P/I:P/A:N)	Nov 25, 2021	Apr 26, 2022	Jan 23, 2025

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:N)

Published

Nov 25, 2021

Added

Apr 26, 2022

Modified

Jan 23, 2025

Description

A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data.

Solution(s)

oracle-linux-upgrade-kerneloracle-linux-upgrade-kernel-uek

References

CVE-2021-4002
https://attackerkb.com/topics/CVE-2021-4002
ELSA-ELSA-2022-9348
ELSA-ELSA-2022-9314
ELSA-ELSA-2022-1988
ELSA-ELSA-2022-9313

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today