CVE-2021-3659 — MEDIUM (5.5)

Q: How severe is CVE-2021-3659?

CVE-2021-3659 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-3659?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Fedoraproject Fedora, Redhat Enterprise Linux, Redhat Enterprise Linux For Ibm Z Systems, Redhat Enterprise Linux For Ibm Z Systems Eus.

Vulnerability Description

A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Linux	Linux Kernel	< 5.12
Fedoraproject	Fedora	34
Redhat	Enterprise Linux	7.0
Redhat	Enterprise Linux For Ibm Z Systems	8.0
Redhat	Enterprise Linux For Ibm Z Systems Eus	8.6
Redhat	Enterprise Linux For Power Little Endian Eus	8.6
Redhat	Enterprise Linux For Real Time	8.0
Redhat	Enterprise Linux For Real Time For Nfv	8.0
Redhat	Enterprise Linux For Real Time For Nfv Tus	8.6
Redhat	Enterprise Linux For Real Time Tus	8.6
Redhat	Enterprise Linux Server Aus	8.6
Redhat	Enterprise Linux Server Eus	8.6
Redhat	Enterprise Linux Server Tus	8.6
Redhat	Codeready Linux Builder	-
Redhat	Enterprise Linux Eus	8.6
Redhat	Enterprise Linux For Power Little Endian	8.0
Redhat	Virtualization Host	4.0

Related Weaknesses (CWE)

CWE-476 CWE-252

References

https://access.redhat.com/security/cve/CVE-2021-3659Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1975949Issue TrackingPatchThird Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=11PatchVendor Advisory
https://access.redhat.com/security/cve/CVE-2021-3659Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1975949Issue TrackingPatchThird Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=11PatchVendor Advisory

FAQ

What is CVE-2021-3659?

CVE-2021-3659 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash th...

How severe is CVE-2021-3659?

CVE-2021-3659 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-3659?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Fedoraproject Fedora, Redhat Enterprise Linux, Redhat Enterprise Linux For Ibm Z Systems, Redhat Enterprise Linux For Ibm Z Systems Eus.