Unrated severityNVD Advisory· Published Feb 4, 2022· Updated Aug 3, 2024
CVE-2021-4154
CVE-2021-4154
Description
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
68- Linux/cgroup v1 parserdescription
- osv-coords66 versionspkg:rpm/almalinux/kernel-tools-libs-develpkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-preempt&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-preempt&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_12&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_13&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_14&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_15&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_17&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_18&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_0&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_18&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_4&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP3pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP3pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP3pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP3pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/release-notes-sle_rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3pkg:rpm/suse/release-notes-sle_rt&distro=SUSE%20Real%20Time%20Module%2015%20SP3
< 4.18.0-348.20.1.el8_5+ 65 more
- (no CPE)range: < 4.18.0-348.20.1.el8_5
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.38.56.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1.150300.18.41.3
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.38.56.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.38.56.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.38.56.1
- (no CPE)range: < 5.3.18-150300.59.68.1.150300.18.41.3
- (no CPE)range: < 5.3.18-150300.59.68.1.150300.18.41.3
- (no CPE)range: < 5.3.18-150300.59.68.1.150300.18.41.3
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 14-2.2
- (no CPE)range: < 13-2.2
- (no CPE)range: < 10-2.2
- (no CPE)range: < 10-2.2
- (no CPE)range: < 8-2.2
- (no CPE)range: < 8-2.2
- (no CPE)range: < 8-2.2
- (no CPE)range: < 7-2.2
- (no CPE)range: < 6-2.2
- (no CPE)range: < 10-3.2
- (no CPE)range: < 1-150300.7.5.1
- (no CPE)range: < 8-150300.2.2
- (no CPE)range: < 8-150300.2.2
- (no CPE)range: < 8-150300.2.2
- (no CPE)range: < 7-150300.2.2
- (no CPE)range: < 6-150300.2.2
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.88.2
- (no CPE)range: < 5.3.18-150300.88.2
- (no CPE)range: < 5.3.18-150300.88.2
- (no CPE)range: < 5.3.18-150300.88.2
- (no CPE)range: < 5.3.18-150300.38.56.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.88.2
- (no CPE)range: < 5.3.18-150300.38.56.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 5.3.18-150300.88.1
- (no CPE)range: < 5.3.18-150300.59.68.1
- (no CPE)range: < 15.3.20220422-150300.3.3.2
- (no CPE)range: < 15.3.20220422-150300.3.3.2
Patches
Vulnerability mechanics
References
4- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
- cloud.google.com/anthos/clusters/docs/security-bulletinsmitrex_refsource_MISC
- git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/mitrex_refsource_MISC
- security.netapp.com/advisory/ntap-20220225-0004/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.