What is the severity of CVE-2021-3669?

CVE-2021-3669 has a moderate severity rating as it can lead to resource exhaustion and denial of service in the Linux kernel.

How do I fix CVE-2021-3669?

To fix CVE-2021-3669, update the Linux kernel to versions 0:4.18.0-372.9.1.rt7.166.el8 or 0:4.18.0-372.9.1.el8 or later.

Which operating systems are affected by CVE-2021-3669?

CVE-2021-3669 affects various Linux distributions including Red Hat Enterprise Linux, Debian, and Fedora.

What type of vulnerability is CVE-2021-3669?

CVE-2021-3669 is a denial-of-service (DoS) vulnerability that occurs due to resource exhaustion when handling large shared memory segment counts.

Is my Linux system vulnerable to CVE-2021-3669?

You can determine if your Linux system is vulnerable to CVE-2021-3669 by checking if you are running an affected version of the kernel or relevant software.

Vulnerability/
CVE-2021-3669

medium

5.5

CWE

770 400

27/7/2021

2/8/2021

26/8/2022

21/11/2024

CVE-2021-3669

First published: Tue Jul 27 2021(Updated: )

A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/kernel-rt	<0:4.18.0-372.9.1.rt7.166.el8	0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel	<0:4.18.0-372.9.1.el8	0:4.18.0-372.9.1.el8
debian/linux	<=5.10.223-1	5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1
Linux Kernel
All of
Any of
IBM Storage Copy Data Management	>=2.2.0.0<=2.2.15.0
IBM Storage Protect Plus	>=10.1.0<=10.1.10.2
Linux Kernel
Debian	=10.0
Debian	=11.0
Fedora	=34
Red Hat Quarkus	>=2.0<2.7
redhat developer tools	=1.0
Red Hat Enterprise Linux	=6.0
Red Hat Enterprise Linux	=7.0
Red Hat Enterprise Linux	=8.0
redhat enterprise linux aus	=8.6
redhat enterprise Linux for ibm z systems	=8.0
redhat enterprise Linux for ibm z systems eus	=8.6
redhat enterprise Linux for power little endian	=8.0
redhat enterprise Linux for power little endian eus	=8.6
redhat enterprise Linux for real time	=8
redhat enterprise Linux for real time for nfv	=8
redhat enterprise Linux for real time for nfv tus	=8.6
redhat enterprise Linux for real time tus	=8.6
redhat enterprise Linux server aus	=8.6
redhat enterprise Linux server for power little endian update services for sap solutions	=8.6
redhat enterprise Linux server tus	=8.6
All of
redhat codeready Linux builder
Any of
Red Hat Enterprise Linux	=8.0
redhat enterprise Linux eus	=8.6
redhat enterprise Linux for power little endian	=8.0
redhat enterprise Linux for power little endian eus	=8.6
All of
Any of
redhat openshift container platform	=4.6
redhat openshift container platform	=4.7
redhat openshift container platform	=4.9
redhat virtualization host	=4.0
Red Hat Enterprise Linux	=8.0
IBM Storage Copy Data Management	>=2.2.0.0<=2.2.15.0
IBM Storage Protect Plus	>=10.1.0<=10.1.10.2
Linux Kernel
redhat codeready Linux builder
Red Hat Enterprise Linux	=8.0
redhat enterprise Linux eus	=8.6
redhat enterprise Linux for power little endian	=8.0
redhat enterprise Linux for power little endian eus	=8.6
redhat openshift container platform	=4.6
redhat openshift container platform	=4.7
redhat openshift container platform	=4.9
redhat virtualization host	=4.0

Remedy

Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

What is the severity of CVE-2021-3669?
CVE-2021-3669 has a moderate severity rating as it can lead to resource exhaustion and denial of service in the Linux kernel.
How do I fix CVE-2021-3669?
To fix CVE-2021-3669, update the Linux kernel to versions 0:4.18.0-372.9.1.rt7.166.el8 or 0:4.18.0-372.9.1.el8 or later.
Which operating systems are affected by CVE-2021-3669?
CVE-2021-3669 affects various Linux distributions including Red Hat Enterprise Linux, Debian, and Fedora.
What type of vulnerability is CVE-2021-3669?
CVE-2021-3669 is a denial-of-service (DoS) vulnerability that occurs due to resource exhaustion when handling large shared memory segment counts.
Is my Linux system vulnerable to CVE-2021-3669?
You can determine if your Linux system is vulnerable to CVE-2021-3669 by checking if you are running an affected version of the kernel or relevant software.

collector/redhat-cve
agent/type
agent/first-publish-date
collector/launchpad-cve
source/Launchpad
agent/weakness
agent/severity
collector/mitre-cve
source/MITRE
agent/references
agent/remedy
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2021-3669
agent/last-modified-date
agent/trending
agent/source
agent/author
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
collector/usn-cve
source/Ubuntu
agent/description
agent/event
agent/tags
agent/softwarecombine
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-index
package-manager/redhat
package-manager/debian
vendor/linux
canonical/linux kernel
vendor/ibm
canonical/ibm storage copy data management
version/ibm storage copy data management/2.2.0.0
version/ibm storage copy data management/2.2.15.0
canonical/ibm storage protect plus
version/ibm storage protect plus/10.1.0
version/ibm storage protect plus/10.1.10.2
vendor/debian
canonical/debian
version/debian/10.0
version/debian/11.0
vendor/fedoraproject
canonical/fedora
version/fedora/34
vendor/redhat
canonical/red hat quarkus
version/red hat quarkus/2.0
canonical/redhat developer tools
version/redhat developer tools/1.0
canonical/red hat enterprise linux
version/red hat enterprise linux/6.0
version/red hat enterprise linux/7.0
version/red hat enterprise linux/8.0
canonical/redhat enterprise linux aus
version/redhat enterprise linux aus/8.6
canonical/redhat enterprise linux for ibm z systems
version/redhat enterprise linux for ibm z systems/8.0
canonical/redhat enterprise linux for ibm z systems eus
version/redhat enterprise linux for ibm z systems eus/8.6
canonical/redhat enterprise linux for power little endian
version/redhat enterprise linux for power little endian/8.0
canonical/redhat enterprise linux for power little endian eus
version/redhat enterprise linux for power little endian eus/8.6
canonical/redhat enterprise linux for real time
version/redhat enterprise linux for real time/8
canonical/redhat enterprise linux for real time for nfv
version/redhat enterprise linux for real time for nfv/8
canonical/redhat enterprise linux for real time for nfv tus
version/redhat enterprise linux for real time for nfv tus/8.6
canonical/redhat enterprise linux for real time tus
version/redhat enterprise linux for real time tus/8.6
canonical/redhat enterprise linux server aus
version/redhat enterprise linux server aus/8.6
canonical/redhat enterprise linux server for power little endian update services for sap solutions
version/redhat enterprise linux server for power little endian update services for sap solutions/8.6
canonical/redhat enterprise linux server tus
version/redhat enterprise linux server tus/8.6
canonical/redhat codeready linux builder
canonical/redhat enterprise linux eus
version/redhat enterprise linux eus/8.6
canonical/redhat openshift container platform
version/redhat openshift container platform/4.6
version/redhat openshift container platform/4.7
version/redhat openshift container platform/4.9
canonical/redhat virtualization host
version/redhat virtualization host/4.0