vulnerability

Oracle Linux: CVE-2021-4197: ELSA-2022-9480: Unbreakable Enterprise kernel-container security update (IMPORTANT) (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:H/Au:S/C:C/I:C/A:N)	2021-09-12	2022-05-18	2025-01-23

Severity

CVSS

(AV:L/AC:H/Au:S/C:C/I:C/A:N)

Published

2021-09-12

Added

2022-05-18

Modified

2025-01-23

Description

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.

Solution(s)

oracle-linux-upgrade-kerneloracle-linux-upgrade-kernel-uek

References

CVE-2021-4197
https://attackerkb.com/topics/CVE-2021-4197
ELSA-ELSA-2022-9480
ELSA-ELSA-2022-9479
ELSA-ELSA-2022-1988

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today