vulnerability

Red Hat: CVE-2021-4197: CVE-2021-4197 kernel: cgroup: Use open-time creds and namespace for migration perm checks (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	Mar 23, 2022	May 13, 2022	Aug 11, 2025

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

Mar 23, 2022

Added

May 13, 2022

Modified

Aug 11, 2025

Description

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.

Solutions

redhat-upgrade-kernelredhat-upgrade-kernel-rt

References

CWE-287
NVD-CVE-2021-4197
REDHAT-RHSA-2022:1975
REDHAT-RHSA-2022:1988
REDHAT-RHSA-2022:5626
REDHAT-RHSA-2022:5633

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today