First published: Tue Jul 27 2021(Updated: )
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <0:4.18.0-372.9.1.rt7.166.el8 | 0:4.18.0-372.9.1.rt7.166.el8 |
redhat/kernel | <0:4.18.0-372.9.1.el8 | 0:4.18.0-372.9.1.el8 |
debian/linux | <=5.10.223-1 | 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1 |
Linux Kernel | ||
All of | ||
Any of | ||
IBM Storage Copy Data Management | >=2.2.0.0<=2.2.15.0 | |
IBM Storage Protect Plus | >=10.1.0<=10.1.10.2 | |
Linux Kernel | ||
Debian | =10.0 | |
Debian | =11.0 | |
Fedora | =34 | |
Red Hat Quarkus | >=2.0<2.7 | |
redhat developer tools | =1.0 | |
Red Hat Enterprise Linux | =6.0 | |
Red Hat Enterprise Linux | =7.0 | |
Red Hat Enterprise Linux | =8.0 | |
redhat enterprise linux aus | =8.6 | |
redhat enterprise Linux for ibm z systems | =8.0 | |
redhat enterprise Linux for ibm z systems eus | =8.6 | |
redhat enterprise Linux for power little endian | =8.0 | |
redhat enterprise Linux for power little endian eus | =8.6 | |
redhat enterprise Linux for real time | =8 | |
redhat enterprise Linux for real time for nfv | =8 | |
redhat enterprise Linux for real time for nfv tus | =8.6 | |
redhat enterprise Linux for real time tus | =8.6 | |
redhat enterprise Linux server aus | =8.6 | |
redhat enterprise Linux server for power little endian update services for sap solutions | =8.6 | |
redhat enterprise Linux server tus | =8.6 | |
All of | ||
redhat codeready Linux builder | ||
Any of | ||
Red Hat Enterprise Linux | =8.0 | |
redhat enterprise Linux eus | =8.6 | |
redhat enterprise Linux for power little endian | =8.0 | |
redhat enterprise Linux for power little endian eus | =8.6 | |
All of | ||
Any of | ||
redhat openshift container platform | =4.6 | |
redhat openshift container platform | =4.7 | |
redhat openshift container platform | =4.9 | |
redhat virtualization host | =4.0 | |
Red Hat Enterprise Linux | =8.0 | |
IBM Storage Copy Data Management | >=2.2.0.0<=2.2.15.0 | |
IBM Storage Protect Plus | >=10.1.0<=10.1.10.2 | |
Linux Kernel | ||
redhat codeready Linux builder | ||
Red Hat Enterprise Linux | =8.0 | |
redhat enterprise Linux eus | =8.6 | |
redhat enterprise Linux for power little endian | =8.0 | |
redhat enterprise Linux for power little endian eus | =8.6 | |
redhat openshift container platform | =4.6 | |
redhat openshift container platform | =4.7 | |
redhat openshift container platform | =4.9 | |
redhat virtualization host | =4.0 |
Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-3669 has a moderate severity rating as it can lead to resource exhaustion and denial of service in the Linux kernel.
To fix CVE-2021-3669, update the Linux kernel to versions 0:4.18.0-372.9.1.rt7.166.el8 or 0:4.18.0-372.9.1.el8 or later.
CVE-2021-3669 affects various Linux distributions including Red Hat Enterprise Linux, Debian, and Fedora.
CVE-2021-3669 is a denial-of-service (DoS) vulnerability that occurs due to resource exhaustion when handling large shared memory segment counts.
You can determine if your Linux system is vulnerable to CVE-2021-3669 by checking if you are running an affected version of the kernel or relevant software.