CVE-2021-3669
First published: Tue Jul 27 2021(Updated: )
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:4.18.0-372.9.1.rt7.166.el8 | 0:4.18.0-372.9.1.rt7.166.el8 |
| redhat/kernel | <0:4.18.0-372.9.1.el8 | 0:4.18.0-372.9.1.el8 |
| Linux Kernel | ||
| All of | ||
| Any of | ||
| IBM Storage Copy Data Management | >=2.2.0.0<=2.2.15.0 | |
| IBM Storage Protect Plus | >=10.1.0<=10.1.10.2 | |
| Linux Kernel | ||
| Debian Linux | =10.0 | |
| Debian Linux | =11.0 | |
| Red Hat Fedora | =34 | |
| Red Hat Quarkus | >=2.0<2.7 | |
| Red Hat Developer Tools | =1.0 | |
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux | =8.6 | |
| Red Hat Enterprise Linux for IBM Z Systems | =8.0 | |
| Red Hat Enterprise Linux for IBM Z Systems (s390x) | =8.6 | |
| Red Hat Enterprise Linux for Power, little endian | =8.0 | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =8.6 | |
| Red Hat Enterprise Linux for Real Time | =8 | |
| Red Hat Enterprise Linux for Real Time for NFV | =8 | |
| Red Hat Enterprise Linux for Real Time for NFV | =8.6 | |
| Red Hat Enterprise Linux for Real Time | =8.6 | |
| Red Hat Enterprise Linux Server | =8.6 | |
| Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =8.6 | |
| Red Hat Enterprise Linux Server | =8.6 | |
| All of | ||
| Red Hat CodeReady Linux Builder | ||
| Any of | ||
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux Server EUS | =8.6 | |
| Red Hat Enterprise Linux for Power, little endian | =8.0 | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =8.6 | |
| All of | ||
| Any of | ||
| Red Hat OpenShift Container Platform | =4.6 | |
| Red Hat OpenShift Container Platform | =4.7 | |
| Red Hat OpenShift Container Platform | =4.9 | |
| Red Hat Virtualization Host EUS | =4.0 | |
| Red Hat Enterprise Linux | =8.0 | |
| IBM Storage Copy Data Management | >=2.2.0.0<=2.2.15.0 | |
| IBM Storage Protect Plus | >=10.1.0<=10.1.10.2 | |
| Linux Kernel | ||
| Red Hat CodeReady Linux Builder | ||
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux Server EUS | =8.6 | |
| Red Hat Enterprise Linux for Power, little endian | =8.0 | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =8.6 | |
| Red Hat OpenShift Container Platform | =4.6 | |
| Red Hat OpenShift Container Platform | =4.7 | |
| Red Hat OpenShift Container Platform | =4.9 | |
| Red Hat Virtualization Host EUS | =4.0 | |
| debian/linux | <=5.10.223-1 | 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
Remedy
Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2021-3669 https://nvd.nist.gov/vuln/detail/CVE-2021-3669
- https://bugzilla.redhat.com/show_bug.cgi?id=1986473
- https://access.redhat.com/errata/RHSA-2022:1975
- https://access.redhat.com/errata/RHSA-2022:1988
- https://access.redhat.com/security/cve/cve-2021-3669
- https://access.redhat.com/security/cve/CVE-2021-3669
- https://bugzilla.redhat.com/show_bug.cgi?id=1980619
- https://security-tracker.debian.org/tracker/CVE-2021-3669
- https://launchpad.net/bugs/cve/CVE-2021-3669
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1988923
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1980619
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1986473#c9
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1986473#c10
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3669
- https://nvd.nist.gov/vuln/detail/CVE-2021-3669
- https://ubuntu.com/security/CVE-2021-3669
Frequently Asked Questions
What is the severity of CVE-2021-3669?
CVE-2021-3669 has a moderate severity rating as it can lead to resource exhaustion and denial of service in the Linux kernel.
How do I fix CVE-2021-3669?
To fix CVE-2021-3669, update the Linux kernel to versions 0:4.18.0-372.9.1.rt7.166.el8 or 0:4.18.0-372.9.1.el8 or later.
Which operating systems are affected by CVE-2021-3669?
CVE-2021-3669 affects various Linux distributions including Red Hat Enterprise Linux, Debian, and Fedora.
What type of vulnerability is CVE-2021-3669?
CVE-2021-3669 is a denial-of-service (DoS) vulnerability that occurs due to resource exhaustion when handling large shared memory segment counts.
Is my Linux system vulnerable to CVE-2021-3669?
You can determine if your Linux system is vulnerable to CVE-2021-3669 by checking if you are running an affected version of the kernel or relevant software.
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/weakness
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/remedy
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-3669
- agent/last-modified-date
- agent/trending
- agent/source
- agent/author
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- agent/tags
- collector/security-tracker-debian
- source/Debian
- package-manager/redhat
- vendor/linux
- canonical/linux kernel
- vendor/ibm
- canonical/ibm storage copy data management
- version/ibm storage copy data management/2.2.0.0
- version/ibm storage copy data management/2.2.15.0
- canonical/ibm storage protect plus
- version/ibm storage protect plus/10.1.0
- version/ibm storage protect plus/10.1.10.2
- vendor/debian
- canonical/debian linux
- version/debian linux/10.0
- version/debian linux/11.0
- vendor/fedoraproject
- canonical/red hat fedora
- version/red hat fedora/34
- vendor/redhat
- canonical/red hat quarkus
- version/red hat quarkus/2.0
- canonical/red hat developer tools
- version/red hat developer tools/1.0
- canonical/red hat enterprise linux
- version/red hat enterprise linux/6.0
- version/red hat enterprise linux/7.0
- version/red hat enterprise linux/8.0
- version/red hat enterprise linux/8.6
- canonical/red hat enterprise linux for ibm z systems
- version/red hat enterprise linux for ibm z systems/8.0
- canonical/red hat enterprise linux for ibm z systems (s390x)
- version/red hat enterprise linux for ibm z systems (s390x)/8.6
- canonical/red hat enterprise linux for power, little endian
- version/red hat enterprise linux for power, little endian/8.0
- canonical/red hat enterprise linux for power, little endian - extended update support
- version/red hat enterprise linux for power, little endian - extended update support/8.6
- canonical/red hat enterprise linux for real time
- version/red hat enterprise linux for real time/8
- canonical/red hat enterprise linux for real time for nfv
- version/red hat enterprise linux for real time for nfv/8
- version/red hat enterprise linux for real time for nfv/8.6
- version/red hat enterprise linux for real time/8.6
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/8.6
- canonical/red hat enterprise linux for sap applications for power, little endian - extended update support
- version/red hat enterprise linux for sap applications for power, little endian - extended update support/8.6
- canonical/red hat codeready linux builder
- canonical/red hat enterprise linux server eus
- version/red hat enterprise linux server eus/8.6
- canonical/red hat openshift container platform
- version/red hat openshift container platform/4.6
- version/red hat openshift container platform/4.7
- version/red hat openshift container platform/4.9
- canonical/red hat virtualization host eus
- version/red hat virtualization host eus/4.0
- package-manager/debian