{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2021-3772", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2022-10-07T00:00:00", "dateReserved": "2021-09-06T00:00:00", "datePublished": "2022-03-02T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2022-10-07T00:00:00"}, "descriptions": [{"lang": "en", "value": "A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses."}], "affected": [{"vendor": "n/a", "product": "kernel", "versions": [{"version": "Fixed in linux kernel v5.15 and above", "status": "affected"}]}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"}, {"url": "https://ubuntu.com/security/CVE-2021-3772"}, {"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df"}, {"url": "https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df"}, {"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"}, {"name": "DSA-5096", "tags": ["vendor-advisory"], "url": "https://www.debian.org/security/2022/dsa-5096"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html"}, {"url": "https://security.netapp.com/advisory/ntap-20221007-0001/"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-354 - Improper Validation of Integrity Check Value", "cweId": "CWE-354"}]}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "103D9D8F-806F-4043-80C3-73831775798E", "versionEndExcluding": "5.15.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "8AFF1109-26F3-43A5-A4CB-0F169FDBC0DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5AF71C49-ADEF-4EE2-802C-6159ADD51355", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*", "matchCriteriaId": "B3BC6E59-2134-4A28-AAD2-77C8AE236BCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*", "matchCriteriaId": "24377899-5389-4BDC-AC82-0E4186F4DE53", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*", "matchCriteriaId": "23FE83DE-AE7C-4313-88E3-886110C31302", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*", "matchCriteriaId": "490B327B-AC20-419B-BB76-8AB6971304BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*", "matchCriteriaId": "8DCE2754-7A9E-4B3B-91D1-DCF90C1BABE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*", "matchCriteriaId": "6CA74E8B-51E2-4A7C-8A98-0583D31134A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*", "matchCriteriaId": "7B64AB37-A1D9-4163-A51B-4C780361F1F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*", "matchCriteriaId": "7BE9C9D7-9CED-4184-A190-1024A6FB8C82", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*", "matchCriteriaId": "B73D4C3C-A511-4E14-B19F-91F561ACB1B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*", "matchCriteriaId": "0C47D72C-9B6B-4E52-AF0E-56AD58E4A930", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*", "matchCriteriaId": "039C3790-5AA2-4895-AEAE-CC84A71DB907", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*", "matchCriteriaId": "B4592238-D1F2-43D6-9BAB-2F63ECF9C965", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*", "matchCriteriaId": "0BA78068-80E9-4E49-9056-88EAB7E3682C", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*", "matchCriteriaId": "092F366C-E8B0-4BE5-B106-0B7A73B08D34", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*", "matchCriteriaId": "E7992E92-B159-4810-B895-01A9B944058A", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.2:*:*:*:*:*:*:*", "matchCriteriaId": "5BDD7AAB-2BF3-4E8C-BEE2-5217E2926C11", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*", "matchCriteriaId": "D6D700C5-F67F-4FFB-BE69-D524592A3D2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_storage_node:-:*:*:*:*:*:*:*", "matchCriteriaId": "D452B464-1200-4B72-9A89-42DC58486191", "vulnerable": true}, {"criteria": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD7447BC-F315-4298-A822-549942FC118B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", "matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "89612649-BACF-4FAC-9BA4-324724FD93A6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3D9B255-C1AF-42D1-BF9B-13642FBDC080", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FD7CFE0E-9D1E-4495-B302-89C3096FC0DF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*", "matchCriteriaId": "F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5921A877-18BF-43FE-915C-D226E140ACFC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*", "matchCriteriaId": "7296A1F2-D315-4FD5-8A73-65C480C855BE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses."}, {"lang": "es", "value": "Se ha encontrado un fallo en la pila SCTP de Linux. Un atacante ciego puede ser capaz de matar una asociaci\u00f3n SCTP existente mediante trozos no v\u00e1lidos si el atacante conoce las direcciones IP y los n\u00fameros de puerto que est\u00e1n siendo usados y el atacante puede enviar paquetes con direcciones IP falsas"}], "id": "CVE-2021-3772", "lastModified": "2023-02-12T23:42:47.697", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-03-02T23:15:09.127", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20221007-0001/"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://ubuntu.com/security/CVE-2021-3772"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2022/dsa-5096"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujul2022.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-354"}], "source": "secalert@redhat.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-354"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{}