CVE-2021-43389
Published 2021-11-04
Medium, 5.5 (CVSS 3.1)
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | linux | < linux 5.14.16-1 (bookworm) | linux 5.14.16-1 (bookworm) |
| linux | linux_kernel | < 5.14.15 | 5.14.15 |
| linux | linux_kernel | >= 0 < 5.10.84-1 | 5.10.84-1 |
| linux | linux_kernel | >= 0 < 5.14.16-1 | 5.14.16-1 |
| linux | linux_kernel | >= 0 < 5.14.16-1 | 5.14.16-1 |
| linux | linux_kernel | >= 0 < 5.14.16-1 | 5.14.16-1 |
| linux | linux_kernel | >= 0 < 4.15.0-166.174 | 4.15.0-166.174 |
| linux | linux_kernel | >= 0 < 5.4.0-92.103 | 5.4.0-92.103 |
| linux | linux_kernel | >= 0 < 5.4.0-94.106 | 5.4.0-94.106 |
| linux | linux_kernel | >= 0 < 4.4.0-222.255 | 4.4.0-222.255 |
| msrc | cbl2_kernel_5.10.78.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_kernel_5.10.78.1-1_on_cbl_mariner_1.0 | — | — |
| oracle | communications_cloud_native_core_binding_support_function | — | — |
| oracle | communications_cloud_native_core_network_exposure_function | — | — |
| oracle | communications_cloud_native_core_policy | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvd: v3.1, 5.5 MEDIUM, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv: 7.8 HIGH
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2022-03-22·CVSS 7.8
CVE-2020-25673 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the
Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. (CVE-2022-0492)
It was discovered that the aufs file system in the Linux kernel did not
properly restrict mount namespaces, when mounted with the non-default
allow_userns option set. A local attacker could use this to gain
administrative privileges. (CVE-2016-2853)
It was discovered that the aufs file system in the Linux kernel did not
properly maintain POSIX ACL xattr data, when mounted with the non-default
allow_userns option. A local attacker could possibly us
Ubuntu
Linux kernel regression
vendor_ubuntu·2022-01-12·CVSS 6.5
[MEDIUM] Linux kernel regression
Title: Linux kernel regression
Summary: USN-5210-1 introduced a regression in the Linux kernel.
USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately,
that update introduced a regression that caused failures to boot in
environments with AMD Secure Encrypted Virtualization (SEV) enabled.
This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages. (CVE-2021-4002)
It was discovered that the Linux kernel did not properly enforce certain
types of entries in the Secure Boot Forbidden Signature Database (aka dbx)
protection
Ubuntu
Linux kernel (OEM) vulnerabilities
vendor_ubuntu·2022-01-11·CVSS 4.7
CVE-2021-41864 [MEDIUM] Linux kernel (OEM) vulnerabilities
Title: Linux kernel (OEM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages. (CVE-2021-4002)
It was discovered that the eBPF implementation in the Linux kernel did
not properly validate the memory size of certain ring buffer operation
arguments. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-4204)
It was discovered that a race condition existed in the overlay file system
implementation in the Linux kernel. A local attacker could use this to
cause a denial of serv
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2022-01-06·CVSS 4.4
CVE-2021-4002 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages. (CVE-2021-4002)
It was discovered that a race condition existed in the timer implementation
in the Linux kernel. A privileged attacker could use this to cause a denial of
service. (CVE-2021-20317)
It was discovered that a race condition existed in the overlay file system
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2021-20321)
It was discovered that the NFC subsystem in the Linux kernel contained
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2022-01-06·CVSS 4.7
CVE-2021-43389 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages. (CVE-2021-4002)
It was discovered that a race condition existed in the overlay file system
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2021-20321)
It was discovered that the NFC subsystem in the Linux kernel contained a
use-after-free vulnerability in its NFC Controller Interface (NCI)
implementation. A local attacker could possibly use this to cause a denial
of service (system crash) or execut
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2022-01-06·CVSS 6.5
CVE-2021-4002 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages. (CVE-2021-4002)
It was discovered that the Linux kernel did not properly enforce certain
types of entries in the Secure Boot Forbidden Signature Database (aka dbx)
protection mechanism. An attacker could use this to bypass UEFI Secure Boot
restrictions. (CVE-2020-26541)
It was discovered that a race condition existed in the overlay file system
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2021-20
Ubuntu
Linux kernel (OEM) vulnerabilities
vendor_ubuntu·2021-11-30·CVSS 7.8
CVE-2021-3772 [HIGH] Linux kernel (OEM) vulnerabilities
Title: Linux kernel (OEM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the NFC subsystem in the Linux kernel contained a
use-after-free vulnerability in its NFC Controller Interface (NCI)
implementation. A local attacker could possibly use this to cause a denial
of service (system crash) or execute arbitrary code. (CVE-2021-3760)
It was discovered that the SCTP protocol implementation in the Linux kernel
did not properly verify VTAGs in some situations. A remote attacker could
possibly use this to cause a denial of service (connection disassociation).
(CVE-2021-3772)
It was discovered that the AMD Radeon GPU driver in the Linux kernel did
not properly validate writes in the debugfs file system. A privileged
attacker could use t
Ubuntu
Linux kernel (OEM 5.10) vulnerabilities
vendor_ubuntu·2021-11-11·CVSS 3.3
CVE-2021-43056 [LOW] Linux kernel (OEM 5.10) vulnerabilities
Title: Linux kernel (OEM 5.10) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Ilja Van Sprundel discovered that the SCTP implementation in the Linux
kernel did not properly perform size validations on incoming packets in
some situations. An attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2021-3655)
It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in
the Linux kernel did not properly deallocate memory in some error
conditions. A local attacker could use this to cause a denial of service
(memory exhaustion). (CVE-2021-3744, CVE-2021-3764)
It was discovered that the NFC subsystem in the Linux kernel contained a
use-after-free vulnerability in its NFC Controller Interface (NCI)
implementation. A l
Microsoft
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
vendor_msrc·2021-11-09·CVSS 5.5
CVE-2021-43389 [MEDIUM] CWE-125 An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mari
Red Hat
kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c
vendor_redhat·2021-09-24·CVSS 5.5
CVE-2021-43389 [MEDIUM] CWE-125 kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
An improper validation of an array index and out of bounds memory read in the Linux kernel's Integrated Services Digital Network (ISDN) functionality was found in the way users call ioctl CMTPCONNADD. A local user could use this flaw to crash the system or starve the resources causing denial of service.
Mitigation: To mitigate this issue, prevent the module isdn from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.
Package: kernel (R
Debian
CVE-2021-43389: linux - An issue was discovered in the Linux kernel before 5.14.15. There is an array-in...
vendor_debian·2021·CVSS 5.5
CVE-2021-43389 [MEDIUM] CVE-2021-43389: linux - An issue was discovered in the Linux kernel before 5.14.15. There is an array-in...
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
Scope: local
bookworm: resolved (fixed in 5.14.16-1)
bullseye: resolved (fixed in 5.10.84-1)
forky: resolved (fixed in 5.14.16-1)
sid: resolved (fixed in 5.14.16-1)
trixie: resolved (fixed in 5.14.16-1)
GHSA
GHSA-7pcx-9wjr-42p4: An issue was discovered in the Linux kernel before 5
ghsa_unreviewed·2022-05-24
CVE-2021-43389 [MEDIUM] CWE-125 GHSA-7pcx-9wjr-42p4: An issue was discovered in the Linux kernel before 5
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
OSV
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
osv·2022-03-22·CVSS 7.8
CVE-2022-0492 [HIGH] linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the
Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. (CVE-2022-0492)
It was discovered that the aufs file system in the Linux kernel did not
properly restrict mount namespaces, when mounted with the non-default
allow_userns option set. A local attacker could use this to gain
administrative privileges. (CVE-2016-2853)
It was discovered that the aufs file system in the Linux kernel did not
properly maintain POSIX ACL xattr data, when mounted with the non-default
allow_userns option. A local attacker could possibly use this to gain
elevated privileges. (CVE
OSV
linux, linux-gcp, linux-gcp-5.4, linux-hwe-5.4 regression
osv·2022-01-12·CVSS 6.5
[MEDIUM] linux, linux-gcp, linux-gcp-5.4, linux-hwe-5.4 regression
USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately,
that update introduced a regression that caused failures to boot in
environments with AMD Secure Encrypted Virtualization (SEV) enabled.
This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages. (CVE-2021-4002)
It was discovered that the Linux kernel did not properly enforce certain
types of entries in the Secure Boot Forbidden Signature Database (aka dbx)
protection mechanism. An attacker could use this
OSV
linux-oem-5.13 vulnerabilities
osv·2022-01-11·CVSS 4.7
CVE-2021-4002 [MEDIUM] linux-oem-5.13 vulnerabilities
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages. (CVE-2021-4002)
It was discovered that the eBPF implementation in the Linux kernel did
not properly validate the memory size of certain ring buffer operation
arguments. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-4204)
It was discovered that a race condition existed in the overlay file system
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2021-20321)
It was discovered that the NFC subsyste
OSV
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, l
osv·2022-01-06·CVSS 6.5
[MEDIUM] linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, l
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages. (CVE-2021-4002)
It was discovered that the Linux kernel did not properly enforce certain
types of entries in the Secure Boot Forbidden Signature Database (aka dbx)
protection mechanism. An attacker could use this to bypass UEFI Secure Boot
restrictions. (CVE-2020-26541)
It was discovered that a r
OSV
linux, linux-aws, linux-aws-hwe, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
osv·2022-01-06·CVSS 4.4
CVE-2021-4002 [MEDIUM] linux, linux-aws, linux-aws-hwe, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages. (CVE-2021-4002)
It was discovered that a race condition existed in the timer implementation
in the Linux kernel. A privileged attacker could use this to cause a denial
of service. (CVE-2021-20317)
It was discovered that a race condition existed in the overlay file system
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2021-2
OSV
linux, linux-aws, linux-aws-5.11, linux-azure, linux-azure-5.11, linux-gcp, linux-gcp-5.11, linux-hwe-5.11, linux-kvm, linux-oracle, linux-oracle-5.11, linux-raspi vulnerabilities
osv·2022-01-06·CVSS 4.7
CVE-2021-4002 [MEDIUM] linux, linux-aws, linux-aws-5.11, linux-azure, linux-azure-5.11, linux-gcp, linux-gcp-5.11, linux-hwe-5.11, linux-kvm, linux-oracle, linux-oracle-5.11, linux-raspi vulnerabilities
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages. (CVE-2021-4002)
It was discovered that a race condition existed in the overlay file system
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2021-20321)
It was discovered that the NFC subsystem in the Linux kernel contained a
use-after-free vulnerability in its NFC Controller Interface (NCI)
implementation. A local attacker
OSV
linux-oem-5.14 vulnerabilities
osv·2021-11-30·CVSS 7.8
CVE-2021-3760 [HIGH] linux-oem-5.14 vulnerabilities
It was discovered that the NFC subsystem in the Linux kernel contained a
use-after-free vulnerability in its NFC Controller Interface (NCI)
implementation. A local attacker could possibly use this to cause a denial
of service (system crash) or execute arbitrary code. (CVE-2021-3760)
It was discovered that the SCTP protocol implementation in the Linux kernel
did not properly verify VTAGs in some situations. A remote attacker could
possibly use this to cause a denial of service (connection disassociation).
(CVE-2021-3772)
It was discovered that the AMD Radeon GPU driver in the Linux kernel did
not properly validate writes in the debugfs file system. A privileged
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary
OSV
linux-oem-5.10 vulnerabilities
osv·2021-11-11·CVSS 3.3
CVE-2021-3655 [LOW] linux-oem-5.10 vulnerabilities
Ilja Van Sprundel discovered that the SCTP implementation in the Linux
kernel did not properly perform size validations on incoming packets in
some situations. An attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2021-3655)
It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in
the Linux kernel did not properly deallocate memory in some error
conditions. A local attacker could use this to cause a denial of service
(memory exhaustion). (CVE-2021-3744, CVE-2021-3764)
It was discovered that the NFC subsystem in the Linux kernel contained a
use-after-free vulnerability in its NFC Controller Interface (NCI)
implementation. A local attacker could possibly use this to cause a denial
of service (system crash)
OSV
CVE-2021-43389: An issue was discovered in the Linux kernel before 5
osv·2021-11-04·CVSS 5.5
CVE-2021-43389 [MEDIUM] CVE-2021-43389: An issue was discovered in the Linux kernel before 5
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.openwall.com/lists/oss-security/2021/11/05/1
https://bugzilla.redhat.com/show_bug.cgi?id=2013180
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA%40mail.gmail.com/
https://seclists.org/oss-sec/2021/q4/39
https://www.debian.org/security/2022/dsa-5096
https://www.oracle.com/security-alerts/cpujul2022.html