Vulnerabilities > CVE-2021-3714

CVSS 5.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

high complexity

linux

redhat

NVD

Published: 2022-08-23

Updated: 2024-11-21

Summary

A flaw was found in the Linux kernels memory deduplication mechanism. Previous work has shown that memory deduplication can be attacked via a local exploitation mechanism. The same technique can be used if an attacker can upload page sized files and detect the change in access time from a networked service to determine if the page has been merged.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel -	1
OS	Redhat Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 6.0 Redhat Enterprise Linux 8.0	3

References

https://access.redhat.com/security/cve/CVE-2021-3714
https://access.redhat.com/security/cve/CVE-2021-3714
https://arxiv.org/abs/2111.08553
https://arxiv.org/abs/2111.08553
https://arxiv.org/pdf/2111.08553.pdf
https://arxiv.org/pdf/2111.08553.pdf
https://bugzilla.redhat.com/show_bug.cgi?id=1931327
https://bugzilla.redhat.com/show_bug.cgi?id=1931327

Vulnerabilities > CVE-2021-3714 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2021-3714"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2021-3714