vulnerability
CentOS Linux: CVE-2021-4083: Important: kpatch-patch security update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:N/C:C/I:C/A:C) | Jan 18, 2022 | Apr 6, 2022 | May 25, 2023 |
Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
Jan 18, 2022
Added
Apr 6, 2022
Modified
May 25, 2023
Description
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4.
Solutions
centos-upgrade-kernelcentos-upgrade-kernel-rtcentos-upgrade-kpatch-patch-3_10_0-1160_24_1centos-upgrade-kpatch-patch-3_10_0-1160_24_1-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_25_1centos-upgrade-kpatch-patch-3_10_0-1160_25_1-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_31_1centos-upgrade-kpatch-patch-3_10_0-1160_31_1-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_36_2centos-upgrade-kpatch-patch-3_10_0-1160_36_2-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_41_1centos-upgrade-kpatch-patch-3_10_0-1160_41_1-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_42_2centos-upgrade-kpatch-patch-3_10_0-1160_42_2-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_45_1centos-upgrade-kpatch-patch-3_10_0-1160_45_1-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_49_1centos-upgrade-kpatch-patch-3_10_0-1160_49_1-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_53_1centos-upgrade-kpatch-patch-3_10_0-1160_53_1-debuginfocentos-upgrade-kpatch-patch-3_10_0-1160_59_1centos-upgrade-kpatch-patch-3_10_0-1160_59_1-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.