CVE-2021-27364

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.

References

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa

https://bugzilla.suse.com/show_bug.cgi?id=1182717

https://www.openwall.com/lists/oss-security/2021/03/06/1

https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html

https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html

https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html

http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html

https://security.netapp.com/advisory/ntap-20210409-0001/

https://www.oracle.com/security-alerts/cpuoct2021.html

Details

Source: MITRE

Published: 2021-03-07

Updated: 2021-10-20

Type: CWE-125

Risk Information

CVSS v2

Base Score: 3.6

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:P

Impact Score: 4.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 7.1

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Impact Score: 5.2

Exploitability Score: 1.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 5.11.3 (inclusive)

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Tenable Plugins

View all (75 total)

IDNameProductFamilySeverity
153271EulerOS 2.0 SP2 : kernel (EulerOS-SA-2021-2392)NessusHuawei Local Security Checks
high
152167SUSE SLES15 Security Update : kernel (Live Patch 15 for SLE 15 SP2) (SUSE-SU-2021:2577-1)NessusSuSE Local Security Checks
high
151756openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1977-1)NessusSuSE Local Security Checks
critical
151730openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1975-1)NessusSuSE Local Security Checks
critical
151307EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2021-2075)NessusHuawei Local Security Checks
high
151229EulerOS Virtualization 3.0.6.6 : kernel (EulerOS-SA-2021-2040)NessusHuawei Local Security Checks
high
151167EulerOS Virtualization for ARM 64 3.0.6.0 : kernel (EulerOS-SA-2021-2002)NessusHuawei Local Security Checks
high
150927SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1975-1)NessusSuSE Local Security Checks
critical
150901SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:1977-1)NessusSuSE Local Security Checks
critical
150550SUSE SLES11 Security Update : kernel (SUSE-SU-2021:14724-1)NessusSuSE Local Security Checks
medium
150214EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-1929)NessusHuawei Local Security Checks
high
150213EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-1950)NessusHuawei Local Security Checks
high
149892openSUSE Security Update : the Linux Kernel (openSUSE-2021-758)NessusSuSE Local Security Checks
critical
149717SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1624-1)NessusSuSE Local Security Checks
high
149716SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1623-1)NessusSuSE Local Security Checks
high
149633SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1617-1)NessusSuSE Local Security Checks
high
149607EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-1879)NessusHuawei Local Security Checks
high
149587EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-1904)NessusHuawei Local Security Checks
high
149491SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1596-1)NessusSuSE Local Security Checks
high
149462SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1573-1)NessusSuSE Local Security Checks
high
149444RHEL 7 : kernel (RHSA-2021:1531)NessusRed Hat Local Security Checks
high
149441RHEL 7 : kpatch-patch (RHSA-2021:1532)NessusRed Hat Local Security Checks
high
149245Oracle Linux 6 : kernel (ELSA-2021-9212)NessusOracle Linux Local Security Checks
high
149236RHEL 7 : kpatch-patch (RHSA-2021:1377)NessusRed Hat Local Security Checks
high
149235RHEL 7 : kernel-alt (RHSA-2021:1379)NessusRed Hat Local Security Checks
high
149098EulerOS 2.0 SP3 : kernel (EulerOS-SA-2021-1808)NessusHuawei Local Security Checks
high
149028RHEL 7 : kernel (RHSA-2021:1376)NessusRed Hat Local Security Checks
medium
149024RHEL 7 : kernel (RHSA-2021:1373)NessusRed Hat Local Security Checks
high
148892RHEL 8 : kpatch-patch (RHSA-2021:1295)NessusRed Hat Local Security Checks
high
148877RHEL 8 : kernel-rt (RHSA-2021:1279)NessusRed Hat Local Security Checks
high
148876RHEL 8 : kernel (RHSA-2021:1272)NessusRed Hat Local Security Checks
high
148853RHEL 7 : kernel (RHSA-2021:1289)NessusRed Hat Local Security Checks
high
148851RHEL 7 : kernel (RHSA-2021:1267)NessusRed Hat Local Security Checks
high
148747SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:1238-1)NessusSuSE Local Security Checks
critical
148700SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1210-1)NessusSuSE Local Security Checks
high
148698SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1211-1)NessusSuSE Local Security Checks
critical
148634EulerOS Virtualization 2.9.1 : kernel (EulerOS-SA-2021-1715)NessusHuawei Local Security Checks
high
148604EulerOS Virtualization 2.9.0 : kernel (EulerOS-SA-2021-1751)NessusHuawei Local Security Checks
high
148509SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1175-1)NessusSuSE Local Security Checks
medium
148489RHEL 8 : kpatch-patch (RHSA-2021:1173)NessusRed Hat Local Security Checks
high
148460RHEL 8 : kernel (RHSA-2021:1171)NessusRed Hat Local Security Checks
high
148459Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9140)NessusOracle Linux Local Security Checks
high
148458Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9141)NessusOracle Linux Local Security Checks
high
148453Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9172)NessusOracle Linux Local Security Checks
high
148452Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9175)NessusOracle Linux Local Security Checks
high
148438openSUSE Security Update : the Linux Kernel (openSUSE-2021-532)NessusSuSE Local Security Checks
critical
148425CentOS 7 : kernel (CESA-2021:1071)NessusCentOS Local Security Checks
high
148422CentOS 8 : kernel (CESA-2021:1093)NessusCentOS Local Security Checks
high
148390RHEL 7 : kernel (RHSA-2021:1071)NessusRed Hat Local Security Checks
high
148389SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1075-1)NessusSuSE Local Security Checks
high
148386SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1074-1)NessusSuSE Local Security Checks
high
148380Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2021-9164)NessusOracle Linux Local Security Checks
high
148371Oracle Linux 8 : kernel (ELSA-2021-1093)NessusOracle Linux Local Security Checks
high
148370RHEL 8 : kernel (RHSA-2021:1093)NessusRed Hat Local Security Checks
high
148369RHEL 8 : kernel-rt (RHSA-2021:1081)NessusRed Hat Local Security Checks
high
148350Photon OS 4.0: Linux PHSA-2021-4.0-0007NessusPhotonOS Local Security Checks
high
148343Oracle Linux 7 : kernel (ELSA-2021-1071)NessusOracle Linux Local Security Checks
high
148331RHEL 7 : kpatch-patch (RHSA-2021:1069)NessusRed Hat Local Security Checks
high
148329RHEL 7 : kernel-rt (RHSA-2021:1070)NessusRed Hat Local Security Checks
high
148294Photon OS 1.0: Linux PHSA-2021-1.0-0375NessusPhotonOS Local Security Checks
high
148289Photon OS 2.0: Linux PHSA-2021-2.0-0332NessusPhotonOS Local Security Checks
high
148254Debian DLA-2610-1 : linux-4.19 security updateNessusDebian Local Security Checks
high
148189Photon OS 3.0: Linux PHSA-2021-3.0-0210NessusPhotonOS Local Security Checks
high
148034Ubuntu 18.04 LTS / 20.04 LTS / 20.10 : Linux kernel vulnerabilities (USN-4887-1)NessusUbuntu Local Security Checks
high
147972Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4883-1)NessusUbuntu Local Security Checks
high
147919Amazon Linux AMI : kernel (ALAS-2021-1487)NessusAmazon Linux Local Security Checks
high
147914Amazon Linux 2 : kernel (ALAS-2021-1616)NessusAmazon Linux Local Security Checks
high
147899OracleVM 3.4 : Unbreakable / etc (OVMSA-2021-0008)NessusOracleVM Local Security Checks
high
147865Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2021-9113)NessusOracle Linux Local Security Checks
high
147864Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9116)NessusOracle Linux Local Security Checks
high
147862Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9112)NessusOracle Linux Local Security Checks
high
147840Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9114)NessusOracle Linux Local Security Checks
high
147839Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9115)NessusOracle Linux Local Security Checks
high
147790Slackware 14.2 : Slackware 14.2 kernel (SSA:2021-072-01)NessusSlackware Local Security Checks
high
147532Debian DLA-2586-1 : linux security updateNessusDebian Local Security Checks
high