CVE-2021-29628 - OpenCVE

In FreeBSD 13.0-STABLE before n245764-876ffe28796c, 12.2-STABLE before r369857, 13.0-RELEASE before p1, and 12.2-RELEASE before p7, a system call triggering a fault could cause SMAP protections to be disabled for the duration of the system call. This weakness could be combined with other kernel bugs to craft an exploit.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Freebsd	Freebsd

Configuration 1 [-]

OR	cpe:2.3:o:freebsd:freebsd:12.2:-::::::
	cpe:2.3:o:freebsd:freebsd:12.2:beta1-p1::::::
	cpe:2.3:o:freebsd:freebsd:12.2:p1::::::
	cpe:2.3:o:freebsd:freebsd:12.2:p2::::::
	cpe:2.3:o:freebsd:freebsd:12.2:p3::::::
	cpe:2.3:o:freebsd:freebsd:12.2:p4::::::
	cpe:2.3:o:freebsd:freebsd:12.2:p5::::::
	cpe:2.3:o:freebsd:freebsd:12.2:p6::::::
	cpe:2.3:o:freebsd:freebsd:13.0:-::::::
	cpe:2.3:o:freebsd:freebsd:13.0:beta3-p1::::::
	cpe:2.3:o:freebsd:freebsd:13.0:rc3::::::
	cpe:2.3:o:freebsd:freebsd:13.0:rc4::::::
	cpe:2.3:o:freebsd:freebsd:13.0:rc5-p1::::::

No data.

References

Link	Providers
https://security.FreeBSD.org/advisories/FreeBSD-SA-21:11.smap.asc
https://security.netapp.com/advisory/ntap-20210713-0002/

History

No history.

MITRE

Status: PUBLISHED

Assigner: freebsd

Published: 2021-05-28T14:06:12

Updated: 2024-08-03T22:11:06.340Z

Reserved: 2021-03-30T00:00:00

Link: CVE-2021-29628

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-05-28T15:15:08.627

Modified: 2022-05-16T20:55:20.930

Link: CVE-2021-29628

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "FreeBSD", "vendor": "n/a", "versions": [{"status": "affected", "version": "FreeBSD 13.0-RELEASE before p1, 12.2-RELEASE before p7"}]}], "descriptions": [{"lang": "en", "value": "In FreeBSD 13.0-STABLE before n245764-876ffe28796c, 12.2-STABLE before r369857, 13.0-RELEASE before p1, and 12.2-RELEASE before p7, a system call triggering a fault could cause SMAP protections to be disabled for the duration of the system call. This weakness could be combined with other kernel bugs to craft an exploit."}], "problemTypes": [{"descriptions": [{"description": "Privilege Context Switching Error", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-07-13T09:06:19", "orgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "shortName": "freebsd"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:11.smap.asc"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20210713-0002/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secteam@freebsd.org", "ID": "CVE-2021-29628", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "FreeBSD", "version": {"version_data": [{"version_value": "FreeBSD 13.0-RELEASE before p1, 12.2-RELEASE before p7"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In FreeBSD 13.0-STABLE before n245764-876ffe28796c, 12.2-STABLE before r369857, 13.0-RELEASE before p1, and 12.2-RELEASE before p7, a system call triggering a fault could cause SMAP protections to be disabled for the duration of the system call. This weakness could be combined with other kernel bugs to craft an exploit."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Privilege Context Switching Error"}]}]}, "references": {"reference_data": [{"name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:11.smap.asc", "refsource": "MISC", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:11.smap.asc"}, {"name": "https://security.netapp.com/advisory/ntap-20210713-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210713-0002/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T22:11:06.340Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:11.smap.asc"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20210713-0002/"}]}]}, "cveMetadata": {"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "assignerShortName": "freebsd", "cveId": "CVE-2021-29628", "datePublished": "2021-05-28T14:06:12", "dateReserved": "2021-03-30T00:00:00", "dateUpdated": "2024-08-03T22:11:06.340Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:*", "matchCriteriaId": "73D9C08B-8F5B-40C4-A5BD-B00D2E4C012D", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:beta1-p1:*:*:*:*:*:*", "matchCriteriaId": "04A52071-1307-4038-ACDF-F69954E95A39", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p1:*:*:*:*:*:*", "matchCriteriaId": "62A178A3-6A52-4981-9A27-FB07AD8AF778", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p2:*:*:*:*:*:*", "matchCriteriaId": "54A487B1-E5CE-4C76-87E8-518D24C5D86D", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p3:*:*:*:*:*:*", "matchCriteriaId": "9F084CAB-D138-4BF6-ABC2-2314F0FDE0D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p4:*:*:*:*:*:*", "matchCriteriaId": "4C232CA9-FC15-4596-AA99-74509A714C12", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p5:*:*:*:*:*:*", "matchCriteriaId": "25BD9C03-6219-49EB-B503-CD44A3B9AA0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p6:*:*:*:*:*:*", "matchCriteriaId": "900755CC-07EF-4799-B5B4-F3762B3650E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:-:*:*:*:*:*:*", "matchCriteriaId": "174265E7-6B73-4546-B4C7-3826C7EB5624", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:beta3-p1:*:*:*:*:*:*", "matchCriteriaId": "EC7326E3-908D-47A1-B848-3AA7F34B3DD3", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "ADBA841F-5C83-4759-84B7-B59DA1B12EA8", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "6A8F38B3-A6DA-4178-A2BD-0D4F0267C384", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc5-p1:*:*:*:*:*:*", "matchCriteriaId": "00D28E4E-022B-482E-9952-7F7F47C427C2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In FreeBSD 13.0-STABLE before n245764-876ffe28796c, 12.2-STABLE before r369857, 13.0-RELEASE before p1, and 12.2-RELEASE before p7, a system call triggering a fault could cause SMAP protections to be disabled for the duration of the system call. This weakness could be combined with other kernel bugs to craft an exploit."}, {"lang": "es", "value": "En FreeBSD versiones 13.0-STABLE anteriores a n245764-876ffe28796c, versiones 12.2-STABLE anteriores a r369857, versiones 13.0-RELEASE anteriores a p1 y versiones 12.2-RELEASE anteriores a p7, una llamada al sistema que desencadena un fallo podr\u00eda causar que las protecciones SMAP sean deshabilitadas durante la llamada al sistema. Esta debilidad podr\u00eda ser combinada con otros bugs del kernel para dise\u00f1ar una explotaci\u00f3n"}], "id": "CVE-2021-29628", "lastModified": "2022-05-16T20:55:20.930", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-28T15:15:08.627", "references": [{"source": "secteam@freebsd.org", "tags": ["Exploit", "Vendor Advisory"], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:11.smap.asc"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210713-0002/"}], "sourceIdentifier": "secteam@freebsd.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}]}