CVE-2021-3600 - OpenCVE

It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Linux	Linux Kernel
Canonical	Ubuntu Linux
Redhat	Enterprise Linux
Fedoraproject	Fedora

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:5.11:rc1::::::
	cpe:2.3:o:linux:linux_kernel:5.11:rc2::::::
	cpe:2.3:o:linux:linux_kernel:5.11:rc3::::::
	cpe:2.3:o:linux:linux_kernel:5.11:rc4::::::
	cpe:2.3:o:linux:linux_kernel:5.11:rc5::::::
	cpe:2.3:o:linux:linux_kernel:5.11:rc6::::::
	cpe:2.3:o:linux:linux_kernel:5.11:rc7::::::

Configuration 2 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:18.04::::esm:::

Configuration 3 [-]

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

References

Link	Resource
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3600	Product
https://git.kernel.org/linus/e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90	Mailing List Patch Vendor Advisory
https://ubuntu.com/security/notices/USN-5003-1	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: canonical

Published: 2024-01-08T18:16:42.087Z

Updated: 2024-01-08T18:16:42.087Z

Reserved: 2021-06-12T00:16:40.778Z

Link: CVE-2021-3600

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-01-08T19:15:08.470

Modified: 2024-01-11T18:40:05.340

Link: CVE-2021-3600

JSON object: View

Redhat Information

No data.

CWE

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD710309-3897-495A-8AE3-4BD2EFA790E0", "versionEndExcluding": "4.19.206", "versionStartIncluding": "4.14", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "63AA484E-2A18-4FCA-BA34-62E23959CC68", "versionEndExcluding": "5.4.98", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C5091DA-0121-43C7-B18B-60A1917F30BF", "versionEndExcluding": "5.10.16", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.11:rc1:*:*:*:*:*:*", "matchCriteriaId": "18B1C9CE-F7E4-426B-A770-79F86AB5CC38", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.11:rc2:*:*:*:*:*:*", "matchCriteriaId": "7A70E596-2EF7-4651-B2EF-2CEE31DB6893", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.11:rc3:*:*:*:*:*:*", "matchCriteriaId": "18C82C96-2853-4DFE-93AD-F6E59B4129CA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.11:rc4:*:*:*:*:*:*", "matchCriteriaId": "A330B043-47EA-4D06-82BF-153A1735FC11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.11:rc5:*:*:*:*:*:*", "matchCriteriaId": "F0EE963C-B36C-4143-96A9-65BCA7D8F2EF", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.11:rc6:*:*:*:*:*:*", "matchCriteriaId": "B511E2F6-2917-4797-8909-8F7EA4870C7B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.11:rc7:*:*:*:*:*:*", "matchCriteriaId": "E9FA9D80-C790-41EA-8A21-DF7B170465E0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*", "matchCriteriaId": "B3293E55-5506-4587-A318-D1734F781C09", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code."}, {"lang": "es", "value": "Se descubri\u00f3 que la implementaci\u00f3n de eBPF en el kernel de Linux no rastreaba adecuadamente la informaci\u00f3n de l\u00edmites para registros de 32 bits al realizar operaciones div y mod. Un atacante local podr\u00eda usar esto para posiblemente ejecutar c\u00f3digo arbitrario."}], "id": "CVE-2021-3600", "lastModified": "2024-01-11T18:40:05.340", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.1, "impactScore": 6.0, "source": "security@ubuntu.com", "type": "Secondary"}]}, "published": "2024-01-08T19:15:08.470", "references": [{"source": "security@ubuntu.com", "tags": ["Product"], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3600"}, {"source": "security@ubuntu.com", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://git.kernel.org/linus/e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/notices/USN-5003-1"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}