CVE-2021-41864
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-41864
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。overlayfs是其中的一套文件系统。 Linux kernel 存在输入验证错误漏洞,该漏洞源于在 Linux 内核的 bpf 中的 kernel/bpf/stackmap.c 中的 prealloc_elems_and_freelist 中发现了越界 (OOB) 内存写入缺陷。攻击者可利用该漏洞访问超出边界的内存,从而导致系统崩溃或内部内核信息泄漏。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2021-41864
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-41864
请登录查看更多情报信息。
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.12x_refsource_CONFIRM
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/vendor-advisoryx_refsource_FEDORA
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/vendor-advisoryx_refsource_FEDORA
- https://nvd.nist.gov/vuln/detail/CVE-2021-41864
Same Patch Batch · n/a · 2021-10-01 · 53 CVEs total
| CVE-2021-40926 | GetId3 跨站脚本漏洞 | |
| CVE-2021-41459 | Gpac MP4Box 缓冲区错误漏洞 | |
| CVE-2021-41457 | Gpac MP4Box 缓冲区错误漏洞 | |
| CVE-2021-41649 | PuneethReddyHc Online Shopping System Advanced SQL注入漏洞 | |
| CVE-2021-33626 | Insyde InsydeH2O 安全漏洞 | |
| CVE-2021-35297 | Scalabium dBase Viewer 安全漏洞 | |
| CVE-2021-40960 | Galera WebTemplate 路径遍历漏洞 | |
| CVE-2021-41456 | Gpac MP4Box 缓冲区错误漏洞 | |
| CVE-2021-40924 | bugs 跨站脚本漏洞 | |
| CVE-2021-40927 | Spotify-for-Alfred 跨站脚本漏洞 | |
| CVE-2021-40925 | Faveo Helpdesk 跨站脚本漏洞 | |
| CVE-2021-40968 | spotweb 跨站脚本漏洞 | |
| CVE-2021-40928 | FlexTV beta 跨站脚本漏洞 | |
| CVE-2021-40970 | spotweb 跨站脚本漏洞 | |
| CVE-2021-40969 | spotweb 跨站脚本漏洞 | |
| CVE-2021-40972 | spotweb 跨站脚本漏洞 | |
| CVE-2021-40971 | spotweb 跨站脚本漏洞 | |
| CVE-2021-40975 | Ecommerce-CodeIgniter-Bootstrap 跨站脚本漏洞 | |
| CVE-2021-40973 | spotweb 跨站脚本漏洞 | |
| CVE-2021-41461 | Portlandlabs Concrete5 跨站脚本漏洞 |
Showing top 20 of 53 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2021-41864
No comments yet