vulnerability

Red Hat: CVE-2021-4001: kernel: race condition when the EBPF map is frozen

Name: Red Hat: CVE-2021-4001: kernel: race condition when the EBPF map is frozen
Creator: Red Hat
Published: 2022-01-21T00:00:00.000Z
Keywords: CVE, Red Hat, 2021, 4001, kernel, no-fix-redhat-rpm-package, Severity 5

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:M/Au:N/C:N/I:C/A:N)

Published

Jan 21, 2022

Added

Jul 9, 2025

Modified

Jul 9, 2025

Description

A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. This flaw affects kernel versions prior to 5.16 rc2.

Solution

no-fix-redhat-rpm-package

References

NVD-CVE-2021-4001

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report