NVD - CVE-2021-3609

Vulnerability Change Records for CVE-2021-3609

Change History

Initial Analysis by NIST 3/10/2022 10:21:14 AM

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:a:linux:linux_kernel::::::::* versions from (including) 2.6.25 up to (excluding) 5.13 cpe:2.3:a:linux:linux_kernel:5.13:rc1::::::* cpe:2.3:a:linux:linux_kernel:5.13:rc2::::::* cpe:2.3:a:linux:linux_kernel:5.13:rc3::::::* cpe:2.3:a:linux:linux_kernel:5.13:rc4::::::* cpe:2.3:a:linux:linux_kernel:5.13:rc5::::::* cpe:2.3:a:linux:linux_kernel:5.13:rc6::::::*
Added	CPE Configuration		OR cpe:2.3:a:redhat:3scale_api_management:2.0::::::: cpe:2.3:a:redhat:build_of_quarkus:1.0::::::: cpe:2.3:a:redhat:openshift_container_platform:4.6::::::: cpe:2.3:a:redhat:openshift_container_platform:4.7::::::: cpe:2.3:a:redhat:openshift_container_platform:4.8::::::: cpe:2.3:a:redhat:virtualization:4.0::::::: cpe:2.3:a:redhat:virtualization_host:4.0::::::: cpe:2.3:o:redhat:codeready_linux_builder_eus:8.1::::::: cpe:2.3:o:redhat:codeready_linux_builder_eus:8.2::::::: cpe:2.3:o:redhat:codeready_linux_builder_eus:8.4::::::: cpe:2.3:o:redhat:codeready_linux_builder_for_power_little_endian_eus:8.1::::::: cpe:2.3:o:redhat:codeready_linux_builder_for_power_little_endian_eus:8.2::::::: cpe:2.3:o:redhat:codeready_linux_builder_for_power_little_endian_eus:8.4::::::: cpe:2.3:o:redhat:enterprise_linux_aus:8.2::::::: cpe:2.3:o:redhat:enterprise_linux_eus:8.1::::::: cpe:2.3:o:redhat:enterprise_linux_eus:8.2::::::: cpe:2.3:o:redhat:enterprise_linux_eus:8.4::::::: cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4::::::: cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus_s390x:8.1::::::: cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1::::::: cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2::::::: cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4::::::: cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0::::::: cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0::::::: cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.0::::::: cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2::::::: cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.0::::::: cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2::::::: cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2::::::: cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4::::::: cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.1::::::: cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2::::::: cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4::::::: cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2::::::: cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4::::::: cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1::::::: cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2::::::: cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:::::::
Added	CVSS V2		NIST (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Added	CVSS V3.1		NIST AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Added	CWE		NIST CWE-362
Changed	Reference Type	https://bugzilla.redhat.com/show_bug.cgi?id=1971651 No Types Assigned	https://bugzilla.redhat.com/show_bug.cgi?id=1971651 Issue Tracking, Third Party Advisory
Changed	Reference Type	https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md No Types Assigned	https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md Exploit, Technical Description, Third Party Advisory
Changed	Reference Type	https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463 No Types Assigned	https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463 Patch, Third Party Advisory
Changed	Reference Type	https://www.openwall.com/lists/oss-security/2021/06/19/1 No Types Assigned	https://www.openwall.com/lists/oss-security/2021/06/19/1 Mailing List, Third Party Advisory