CVE-2021-4197

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:40

Type Values Removed Values Added
References
  • {'url': 'https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/', 'name': 'https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/', 'tags': ['Exploit', 'Mailing List', 'Third Party Advisory'], 'refsource': 'MISC'}
  • () https://lore.kernel.org/lkml/20211209214707.805617-1-tj%40kernel.org/T/ -

03 Feb 2023, 23:59

Type Values Removed Values Added
CPE cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

05 Oct 2022, 18:37

Type Values Removed Values Added
First Time Netapp h500s
Broadcom
Netapp h410s Firmware
Debian
Broadcom brocade Fabric Operating System Firmware
Netapp h700s
Oracle communications Cloud Native Core Binding Support Function
Netapp h300s
Netapp h410c
Netapp h410c Firmware
Debian debian Linux
Netapp
Oracle
Netapp h300s Firmware
Netapp h700s Firmware
Netapp h410s
Netapp h500s Firmware
References (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Third Party Advisory
References (DEBIAN) https://www.debian.org/security/2022/dsa-5127 - (DEBIAN) https://www.debian.org/security/2022/dsa-5127 - Third Party Advisory
References (DEBIAN) https://www.debian.org/security/2022/dsa-5173 - (DEBIAN) https://www.debian.org/security/2022/dsa-5173 - Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20220602-0006/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20220602-0006/ - Third Party Advisory
CPE cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.1:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

25 Jul 2022, 18:18

Type Values Removed Values Added
References
  • (N/A) https://www.oracle.com/security-alerts/cpujul2022.html -

04 Jul 2022, 11:15

Type Values Removed Values Added
References
  • (DEBIAN) https://www.debian.org/security/2022/dsa-5173 -

02 Jun 2022, 20:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20220602-0006/ -

03 May 2022, 11:15

Type Values Removed Values Added
References
  • (DEBIAN) https://www.debian.org/security/2022/dsa-5127 -

30 Mar 2022, 20:10

Type Values Removed Values Added
First Time Linux linux Kernel
Linux
CVSS v2 : unknown
v3 : unknown
v2 : 7.2
v3 : 7.8
CPE cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:*
CWE CWE-287
References (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2035652 - (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2035652 - Issue Tracking, Third Party Advisory
References (MISC) https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/ - (MISC) https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/ - Exploit, Mailing List, Third Party Advisory

23 Mar 2022, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-03-23 20:15

Updated : 2023-12-10 14:22


NVD link : CVE-2021-4197

Mitre link : CVE-2021-4197

CVE.ORG link : CVE-2021-4197


JSON object : View

Products Affected

netapp

  • h500s
  • h410c
  • h700s_firmware
  • h410s
  • h500s_firmware
  • h300s
  • h700s
  • h300s_firmware
  • h410s_firmware
  • h410c_firmware

oracle

  • communications_cloud_native_core_binding_support_function

linux

  • linux_kernel

broadcom

  • brocade_fabric_operating_system_firmware

debian

  • debian_linux
CWE
CWE-287

Improper Authentication