CVE-2021-3744 - log back

CVE-2021-3744 edited at 12 Nov 2021 19:36:09
Description
- A memory leak in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
+ A memory leak in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel before version 5.14.10 allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
References
https://bugzilla.redhat.com/show_bug.cgi?id=2000627
https://www.openwall.com/lists/oss-security/2021/09/14/1
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.14.10&id=e450c422aa233e9f80515f2ee9164e33f158a472
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.71&id=17ccc64e4fa5d3673528474bfeda814d95dc600a
CVE-2021-3744 edited at 15 Sep 2021 08:34:14
References
https://bugzilla.redhat.com/show_bug.cgi?id=2000627
+ https://www.openwall.com/lists/oss-security/2021/09/14/1
CVE-2021-3744 edited at 14 Sep 2021 09:03:20
Description
- A memory leak in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel allows attackers to cause a denial of service (memory consumption).
+ A memory leak in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
CVE-2021-3744 edited at 14 Sep 2021 09:02:16
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ A memory leak in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel allows attackers to cause a denial of service (memory consumption).
References
+ https://bugzilla.redhat.com/show_bug.cgi?id=2000627
CVE-2021-3744 created at 14 Sep 2021 09:01:47
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes