Vulnerability Description
A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 3.18, < 4.4.218 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=efMailing ListPatchVendor Advisory
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=efMailing ListPatchVendor Advisory
FAQ
What is CVE-2021-3715?
CVE-2021-3715 is a vulnerability with a CVSS score of 7.8 (HIGH). A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free c...
How severe is CVE-2021-3715?
CVE-2021-3715 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-3715?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.