A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
|
History
12 Feb 2023, 23:42
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808. |
02 Feb 2023, 21:21
Type | Values Removed | Values Added |
---|---|---|
Summary | A flaw was found in the Linux kernel. A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service. This vulnerability is similar with the older CVE-2019-18808. The highest threat from this vulnerability is to system availability. | |
References |
|
|
06 Oct 2022, 20:26
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:* cpe:2.3:a:redhat:build_of_quarkus:2.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_eus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* |
|
First Time |
Redhat enterprise Linux For Real Time For Nfv Tus
Redhat codeready Linux Builder For Power Little Endian Eus Redhat developer Tools Redhat Oracle communications Cloud Native Core Network Exposure Function Redhat enterprise Linux Eus Redhat enterprise Linux For Real Time For Nfv Redhat codeready Linux Builder Redhat enterprise Linux Server Tus Redhat enterprise Linux Redhat build Of Quarkus Redhat enterprise Linux For Ibm Z Systems Eus Oracle communications Cloud Native Core Policy Oracle communications Cloud Native Core Binding Support Function Redhat enterprise Linux For Power Little Endian Eus Redhat enterprise Linux For Real Time Redhat virtualization Host Redhat enterprise Linux Server Eus Redhat codeready Linux Builder Eus Redhat enterprise Linux Server Update Services For Sap Solutions Redhat codeready Linux Builder For Power Little Endian Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Oracle |
|
References | (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Patch, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/ - Mailing List, Third Party Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2021/09/14/1 - Exploit, Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/ - Mailing List, Third Party Advisory |
25 Jul 2022, 18:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
23 May 2022, 19:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
11 Mar 2022, 15:16
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-401 | |
CVSS |
v2 : v3 : |
v2 : 2.1
v3 : 5.5 |
First Time |
Linux linux Kernel
Debian debian Linux Fedoraproject fedora Linux Debian Fedoraproject |
|
References | (MISC) https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680 - Patch, Third Party Advisory | |
References | (MISC) https://seclists.org/oss-sec/2021/q3/164 - Exploit, Mailing List, Patch, Third Party Advisory | |
References | (MISC) https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0 - Mailing List, Patch, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html - Mailing List, Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5096 - Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2000627 - Issue Tracking, Third Party Advisory | |
CPE | cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.15:-:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:* |
10 Mar 2022, 17:43
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 Mar 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-04 16:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-3744
Mitre link : CVE-2021-3744
CVE.ORG link : CVE-2021-3744
JSON object : View
Products Affected
debian
- debian_linux
redhat
- enterprise_linux_server_tus
- enterprise_linux_eus
- codeready_linux_builder_for_power_little_endian
- enterprise_linux_for_real_time_for_nfv
- enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
- codeready_linux_builder_for_power_little_endian_eus
- enterprise_linux_for_power_little_endian_eus
- enterprise_linux_server_eus
- codeready_linux_builder
- enterprise_linux_for_ibm_z_systems_eus
- build_of_quarkus
- enterprise_linux_for_real_time_for_nfv_tus
- virtualization_host
- codeready_linux_builder_eus
- developer_tools
- enterprise_linux
- enterprise_linux_for_real_time
- enterprise_linux_server_update_services_for_sap_solutions
linux
- linux_kernel
oracle
- communications_cloud_native_core_policy
- communications_cloud_native_core_binding_support_function
- communications_cloud_native_core_network_exposure_function
fedoraproject
- fedora
CWE
CWE-401
Missing Release of Memory after Effective Lifetime