CVE-2021-3669Uncontrolled Resource Consumption in Kernel

CWE-400Uncontrolled Resource ConsumptionCWE-770Allocation of Resources Without Limits or Throttling32 documents8 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 95.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
22
Linux KernelRedhat Build OF QuarkusIBM Spectrum Copy Data Management+19 more
Timeline
PublishedAug 26
Latest updateJun 8

Description

A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages8 packages

Debianlinux/linux_kernel< 5.10.226-1+3
Ubuntulinux/linux_kernel< 4.15.0-208.220+1
CVEListV5linux/linux_kernelNot Known
NVDredhat/build_of_quarkus2.02.7
NVDibm/spectrum_protect_plus10.1.010.1.10.2

Also affects: Debian Linux 10.0, 11.0, Enterprise Linux 6.0, 7.0, 8.0, 8.6, 8, Fedora 34, Openshift Container Platform 4.6, 4.7, 4.9

🔴Vulnerability Details

14
OSV
linux-xilinx-zynqmp vulnerabilities2023-06-08
OSV
linux-snapdragon vulnerabilities2023-04-19
OSV
linux-bluefield vulnerabilities2023-04-14
OSV
linux-gcp vulnerabilities2023-04-11
OSV
linux-gcp-4.15 vulnerabilities2023-03-31

📋Vendor Advisories

17
Ubuntu
Linux kernel (Xilinx ZynqMP) vulnerabilities2023-06-08
Ubuntu
Linux kernel (Qualcomm Snapdragon) vulnerabilities2023-04-19
Ubuntu
Linux kernel (BlueField) vulnerabilities2023-04-14
Ubuntu
Linux kernel (AWS) vulnerabilities2023-04-12
Ubuntu
Linux kernel vulnerabilities2023-04-12
CVE-2021-3669 — Uncontrolled Resource Consumption | cvebase