Rewterz Threat Advisory – CVE-2021-43975 – Linux Kernel hw_atl_utils_fw_rpc_wait Vulnerability
November 19, 2021Rewterz Threat Advisory – CVE-2021-37580 – Apache ShenYu Vulnerability
November 19, 2021Rewterz Threat Advisory – CVE-2021-43975 – Linux Kernel hw_atl_utils_fw_rpc_wait Vulnerability
November 19, 2021Rewterz Threat Advisory – CVE-2021-37580 – Apache ShenYu Vulnerability
November 19, 2021Severity
Medium
Analysis Summary
CVE-2021-29860
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the libc.a library to expose sensitive information.
CVE-2021-29861
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in EFS to expose sensitive information
CVE-2021-29859
IBM SPSS Statistics for Windows 24.0, 25.0, 26.0, 27.0, 27.0.1, and 28.0 could allow a local user to cause a denial of service by writing arbitrary files to admin protected directories on the system.
Impact
- Information Disclosure
- Denial of Service
Affected Vendors
IBM
Affected Products
- IBM AIX 7.1
- IBM AIX 7.2
- IBM VIOS 3.1
- IBM SPSS Statistics 24.0
- IBM SPSS Statistics 27.0.1
- IBM SPSS Statistics 25.0
- IBM SPSS Statistics 26.0
- IBM SPSS Statistics 27.0
- IBM SPSS Statistics 28.0
Remediation
Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information.
CVE-2021-29860
CVE-2021-29861
CVE-2021-29859