Vulnerability Description
A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 5.5 |
| Redhat | Enterprise Linux | 6.0 |
| Fedoraproject | Fedora | 34 |
Related Weaknesses (CWE)
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1976946Issue TrackingThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1976946Issue TrackingThird Party Advisory
FAQ
What is CVE-2021-3635?
CVE-2021-3635 is a vulnerability with a CVSS score of 4.4 (MEDIUM). A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.
How severe is CVE-2021-3635?
CVE-2021-3635 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-3635?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Redhat Enterprise Linux, Fedoraproject Fedora.