CVE-2021-31949

Vulnerability Profile Updated 3 months ago
Download STIX
Preview STIX
CVE-2021-31949 is a security vulnerability that was discovered in May 2021. The flaw exists in the Linux kernel, specifically in the iSCSI subsystem, and could allow an attacker to execute arbitrary code with elevated privileges. This vulnerability affects systems running the Linux kernel version 5.4 or later. The vulnerability was caused by an integer overflow issue in the iSCSI subsystem's handling of input/output control (IOCTL) messages. An attacker who can send specially crafted IOCTL messages to a vulnerable system could trigger the flaw and potentially execute malicious code. The flaw was rated as high severity and given a CVSS score of 7.8 out of 10. Fortunately, a patch for this vulnerability was released on May 19, 2021, which addressed the issue by adding additional bounds checking to the affected code. It is recommended that anyone running a vulnerable version of the Linux kernel apply the patch as soon as possible to protect against potential exploitation of this flaw.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2021-31949 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Close Quarters Encounters with Third Generation Malware Compels UK and Danish Municipalities to Remodel Vulnerability Management Safeguards