Rewterz Threat Alert – Nanocore Rat – Active IOCs
June 24, 2021Rewterz Threat Advisory – CVE-2021-20019 – SonicWall SonicOS information disclosure
June 24, 2021Rewterz Threat Alert – Nanocore Rat – Active IOCs
June 24, 2021Rewterz Threat Advisory – CVE-2021-20019 – SonicWall SonicOS information disclosure
June 24, 2021Severity
Medium
Analysis Summary
CVE-2021-3600
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by an eBPF 32-bit div/mod source register truncation leading to out-of-bounds reads and writes flaws. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code, obtain sensitive information, or cause a denial of service condition on the system
Impact
- Code Execution
- Denial of Service
- Unauthorized Access
Affected Vendors
Linux
Affected Products
- Linux Kernel 4.4.0
- Linux Kernel 4.9
- Linux Kernel 4.14
- Linux Kernel 4.15-rc9
Remediation
Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information.