CVE-2021-33909

Published: Jul 20, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[debian-lts-announce] 20210720 [SECURITY] [DLA 2713-2] linux security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20210720 [SECURITY] [DLA 2713-1] linux security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20210720 [SECURITY] [DLA 2714-1] linux-4.19 security update

mailing-list

x_refsource_MLIST

DSA-4941

vendor-advisory

x_refsource_DEBIAN

FEDORA-2021-07dc0b3eb1

vendor-advisory

x_refsource_FEDORA

[oss-security] 20210722 Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer

mailing-list

x_refsource_MLIST

[oss-security] 20210825 Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer

mailing-list

x_refsource_MLIST

[oss-security] 20210916 Containers-optimized OS (COS) membership in the linux-distros list

mailing-list

x_refsource_MLIST

[oss-security] 20210917 Re: Containers-optimized OS (COS) membership in the linux-distros list

mailing-list

x_refsource_MLIST

[oss-security] 20210920 Re: Containers-optimized OS (COS) membership in the linux-distros list

mailing-list

x_refsource_MLIST

https://www.oracle.com/security-alerts/cpujan2022.html

x_refsource_MISC

https://www.openwall.com/lists/oss-security/2021/07/20/1

x_refsource_MISC

https://github.com/torvalds/linux/commit/8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b

x_refsource_CONFIRM

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4

x_refsource_CONFIRM

http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html

x_refsource_MISC

http://packetstormsecurity.com/files/163671/Kernel-Live-Patch-Security-Notice-LSN-0079-1.html

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20210819-0004/

x_refsource_CONFIRM

http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html

x_refsource_MISC

http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html

x_refsource_MISC

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-33909

Description

Affected Products

References