Rewterz Threat Alert – AlumniLocker and Humble Ransomware – IoCs
March 8, 2021Rewterz Threat Alert – Donot APT group – IOCs
March 9, 2021Rewterz Threat Alert – AlumniLocker and Humble Ransomware – IoCs
March 8, 2021Rewterz Threat Alert – Donot APT group – IOCs
March 9, 2021Severity
Medium
Analysis Summary
CVE-2021-27365
Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by an issue with certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. By sending a specially-crafted Netlink message, an attacker could exploit this vulnerability to obtain memory information, and use this information to launch further attacks against the affected system.
Impact
Information disclosure
Affected Vendors
Linux
Affected Products
Linux Kernel 5.11.3
Remediation
Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information.