CVE-2021-4028

{"id": "CVE-2021-4028", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2022-08-24T16:15:09.197", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2021-4028", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027201", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.suse.com/show_bug.cgi?id=1193167#c0", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc0bdc5afaa74", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lkml.org/lkml/2021/10/4/697", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.netapp.com/advisory/ntap-20221228-0002/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-416"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system."}, {"lang": "es", "value": "Un fallo en la implementaci\u00f3n del kernel de Linux del c\u00f3digo de escucha del administrador de comunicaciones RDMA permit\u00eda a un atacante con acceso local configurar un socket para que escuchara en un puerto alto, lo que permit\u00eda un uso de memoria previamente liberada de un elemento de la lista. Dada la capacidad de ejecutar c\u00f3digo, un atacante local podr\u00eda aprovechar este uso de memoria previamente liberada para bloquear el sistema o posiblemente escalar privilegios en el sistema."}], "lastModified": "2023-02-10T16:18:15.417", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "247858D3-F7A3-4645-8903-6EDFD43FB0E1", "versionEndExcluding": "5.10.71", "versionStartIncluding": "5.10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A437B0D-8305-4C72-B691-D26986A126CF", "versionEndExcluding": "5.14.10", "versionStartIncluding": "5.11"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise:15.0:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4160B6E-BB1D-4476-877E-5D8CA47226DE"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise:15.0:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6A1F863-4D18-45F9-86D5-91ED3B38EB47"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}