Vulnerability CVE-2021-35039

Vulnerability Name:

CVE-2021-35039 (CCN-204977)

Assigned:

2021-07-07

Published:

2021-07-07

Updated:

2023-05-16

Summary:

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

8.4 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.3 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2021-35039

Source: cve@mitre.org
Type: Mailing List, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Mailing List, Patch, Vendor Advisory
cve@mitre.org

Source: XF
Type: UNKNOWN
linux-kernel-cve202135039-code-exec(204977)

Source: cve@mitre.org
Type: Mailing List, Patch, Vendor Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Patch, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Mailing List, Third Party Advisory
cve@mitre.org

Source: CCN
Type: oss-sec Mailing List, Tue, 6 Jul 2021 19:16:00 -0400
CVE-2021-35039: Linux kernel loading unsigned kernel modules via init_module syscall

Source: cve@mitre.org
Type: Third Party Advisory
cve@mitre.org

Source: CCN
Type: Linux Kernel Web site
The Linux Kernel Archives

Source: cve@mitre.org
Type: Mailing List, Third Party Advisory
cve@mitre.org

Vulnerable Configuration:

Configuration CCN 1:

cpe:/o:linux:linux_kernel:4.15:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:4.16:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:4.17:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:4.18:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:4.19:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:4.20:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.0:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.1:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.2:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.3:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.4:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.5:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.6.0:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.7.0:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.8:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.9:rc1:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.10:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.11:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:5.12:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:8029	P	kernel-docs-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-20
oval:org.opensuse.security:def:7569	P	libXv-devel-1.0.11-1.23 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7539	P	kernel-64kb-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7585	P	libcroco-0.6.13-150400.9.5 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7707	P	libykcs11-1-1.6.2-4.30 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:8090	P	reiserfs-kmp-default-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:751	P	Security update for bluez (Important)	2022-09-12
oval:org.opensuse.security:def:6132	P	Security update for wavpack (Low)	2022-08-05
oval:org.opensuse.security:def:6126	P	Security update for mokutil (Moderate)	2022-08-03
oval:org.opensuse.security:def:3652	P	Security update for git (Important)	2022-07-26
oval:org.opensuse.security:def:3448	P	busybox-1.21.1-3.3 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3453	P	clamav-0.101.3-1.19 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3567	P	libXtst6-1.2.2-7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3458	P	cpp48-4.8.5-31.20.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3398	P	wpa_supplicant-2.6-15.10.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:95078	P	reiserfs-kmp-default-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94570	P	graphviz-2.48.0-150400.1.165 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95083	P	kernel-azure-5.14.21-150400.12.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94907	P	gnome-extensions-41.4-150400.1.7 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94590	P	kernel-64kb-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2960	P	kernel-64kb-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95197	P	kernel-default-extra-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95028	P	kernel-docs-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95327	P	Security update for webkit2gtk3 (Important)	2022-06-14
oval:org.opensuse.security:def:95323	P	Security update for go1.17 (Important)	2022-06-07
oval:org.opensuse.security:def:4570	P	Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP5) (Important)	2022-04-13
oval:org.opensuse.security:def:101620	P	Security update for tar (Moderate) (in QA)	2022-04-12
oval:org.opensuse.security:def:102036	P	Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP3) (Important)	2022-03-29
oval:org.opensuse.security:def:4498	P	Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP5) (Important)	2021-10-12
oval:org.opensuse.security:def:101909	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:99666	P	(Important)	2021-08-14
oval:org.opensuse.security:def:76289	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:102291	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:1214	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:101482	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:65659	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:8389	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:1775	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:6476	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:102327	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:67221	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:99980	P	(Important)	2021-08-14
oval:org.opensuse.security:def:73863	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:1256	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:68347	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:101797	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:100316	P	(Important)	2021-08-14
oval:org.opensuse.security:def:64741	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:111664	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:101874	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:99403	P	(Important)	2021-08-14
oval:org.opensuse.security:def:10690	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:7258	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:70830	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:1119	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:67565	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:100645	P	(Important)	2021-08-14
oval:org.opensuse.security:def:74727	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:1733	P	Security update for the Linux Kernel (Important)	2021-08-14
oval:org.opensuse.security:def:68674	P	Security update for the Linux Kernel (Important)	2021-08-10
oval:org.opensuse.security:def:67215	P	Security update for the Linux Kernel (Important)	2021-08-10
oval:org.opensuse.security:def:111658	P	Security update for the Linux Kernel (Important)	2021-08-10
oval:org.opensuse.security:def:1547	P	Security update for the Linux Kernel (Important)	2021-08-10
oval:org.opensuse.security:def:76283	P	Security update for the Linux Kernel (Important)	2021-08-10
oval:org.opensuse.security:def:101283	P	nasm-2.14.02-3.4.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:42108	P	Security update for the Linux Kernel (Important)	2021-08-05
oval:org.opensuse.security:def:95959	P	Security update for the Linux Kernel (Important)	2021-08-03
oval:org.opensuse.security:def:68796	P	Security update for the Linux Kernel (Important)	2021-08-03
oval:org.opensuse.security:def:118429	P	Security update for the Linux Kernel (Important)	2021-08-03
oval:org.opensuse.security:def:109338	P	Security update for the Linux Kernel (Important)	2021-08-03
oval:org.opensuse.security:def:102672	P	Security update for the Linux Kernel (Important)	2021-08-03
oval:org.opensuse.security:def:110982	P	Security update for the Linux Kernel (Important)	2021-07-22
oval:org.opensuse.security:def:6451	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:108957	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:73669	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:5779	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:68216	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:109531	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:102865	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:117800	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:108286	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:95578	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:109072	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:64547	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:102406	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:96175	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:109649	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:102983	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:117880	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:75936	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:10649	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:95693	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:7127	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:70789	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:67540	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:118627	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:74655	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:96311	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:66868	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:117995	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:108706	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:102040	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:119789	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:65587	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:117464	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:107949	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:42104	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:8365	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:118366	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:75932	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:66864	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:108702	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:109280	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:102614	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:68658	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:95901	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:5775	P	Security update for the Linux Kernel (Important)	2021-07-20

BACK