CVE-2021-4197Improper Authentication in Kernel

CWE-287Improper Authentication24 documents7 sources
Severity
7.8HIGHNVD
OSV7.0OSV6.5OSV4.7
EPSS
0.0%
top 97.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Linux KernelDebian LinuxDebian Linux+3 more
Timeline
PublishedMar 23
Latest updateOct 25

Description

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages8 packages

NVDlinux/linux_kernel4.24.14.276+4
Debianlinux/linux_kernel< 5.10.113-1+3
Ubuntulinux/linux_kernel< 4.15.0-189.200+2
CVEListV5linux/linux_kernelLinux kernel 5.17-rc1
debiandebian/linux< linux 5.15.15-1 (bookworm)

Also affects: Debian Linux 10.0

🔴Vulnerability Details

10
OSV
linux-azure vulnerabilities2022-07-28
OSV
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities2022-07-13
OSV
linux-aws vulnerabilities2022-07-13
OSV
linux-lts-xenial, linux-kvm vulnerabilities2022-07-07
OSV
linux, linux-aws vulnerabilities2022-07-01

📋Vendor Advisories

12
Ubuntu
Linux kernel (Azure) vulnerabilities2022-07-28
Ubuntu
Linux kernel vulnerabilities2022-07-13
Ubuntu
Linux kernel (AWS) vulnerabilities2022-07-13
Ubuntu
Linux kernel vulnerabilities2022-07-07
Ubuntu
Linux kernel vulnerabilities2022-07-01

📄Research Papers

1
arXiv
PortGPT: Towards Automated Backporting Using Large Language Models2025-10-25