CVE-2021-31949

Vulnerability updated 4 months ago (2024-05-04T17:41:04.918Z)

Download STIX

Preview STIX

CVE-2021-31949 is a security vulnerability that was discovered in May 2021. The flaw exists in the Linux kernel, specifically in the iSCSI subsystem, and could allow an attacker to execute arbitrary code with elevated privileges. This vulnerability affects systems running the Linux kernel version 5.4 or later. The vulnerability was caused by an integer overflow issue in the iSCSI subsystem's handling of input/output control (IOCTL) messages. An attacker who can send specially crafted IOCTL messages to a vulnerable system could trigger the flaw and potentially execute malicious code. The flaw was rated as high severity and given a CVSS score of 7.8 out of 10. Fortunately, a patch for this vulnerability was released on May 19, 2021, which addressed the issue by adding additional bounds checking to the affected code. It is recommended that anyone running a vulnerable version of the Linux kernel apply the patch as soon as possible to protect against potential exploitation of this flaw.

Description last updated: 2023-06-23T13:12:41.188Z

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the CVE-2021-31949 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Preview	Source Link	CreatedAt	Title
	CERT-EU	a year ago	Close Quarters Encounters with Third Generation Malware Compels UK and Danish Municipalities to Remodel Vulnerability Management Safeguards