CVE-2021-39636 - OpenCVE

In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-120612905References: Upstream kernel

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Google	Android

Configuration 1 [-]

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://android.googlesource.com/kernel/common/+/823f05d71506017aa4d47ae8b9546081686098fe
https://android.googlesource.com/kernel/common/+/8a1b3c7bd71ef1e7a4537216858dbe7d13eec6ed
https://android.googlesource.com/kernel/common/+/bb5bc03a5056b4b22f00b7333c42c861b83ef19f
https://android.googlesource.com/kernel/common/+/d104670ce30b9f910f39fbaad3ec59f87fa43468
https://android.googlesource.com/kernel/common/+/dcd0c8c3e87cf08344e169fdb94eb7ec96c3c32a
https://nvd.nist.gov/vuln/detail/CVE-2021-39636
https://source.android.com/security/bulletin/pixel/2021-12-01
https://www.cve.org/CVERecord?id=CVE-2021-39636

History

No history.

MITRE

Status: PUBLISHED

Assigner: google_android

Published: 2021-12-15T18:05:53

Updated: 2024-08-04T02:13:37.313Z

Reserved: 2021-08-23T00:00:00

Link: CVE-2021-39636

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-12-15T19:15:15.017

Modified: 2022-07-12T17:42:04.277

Link: CVE-2021-39636

Redhat

Severity : Moderate

Publid Date: 2021-12-06T00:00:00Z

Links: CVE-2021-39636 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "Android", "vendor": "n/a", "versions": [{"status": "affected", "version": "Android kernel"}]}], "descriptions": [{"lang": "en", "value": "In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-120612905References: Upstream kernel"}], "problemTypes": [{"descriptions": [{"description": "Information disclosure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-12-15T18:05:53", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://source.android.com/security/bulletin/pixel/2021-12-01"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@android.com", "ID": "CVE-2021-39636", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Android", "version": {"version_data": [{"version_value": "Android kernel"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-120612905References: Upstream kernel"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information disclosure"}]}]}, "references": {"reference_data": [{"name": "https://source.android.com/security/bulletin/pixel/2021-12-01", "refsource": "MISC", "url": "https://source.android.com/security/bulletin/pixel/2021-12-01"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T02:13:37.313Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://source.android.com/security/bulletin/pixel/2021-12-01"}]}]}, "cveMetadata": {"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2021-39636", "datePublished": "2021-12-15T18:05:53", "dateReserved": "2021-08-23T00:00:00", "dateUpdated": "2024-08-04T02:13:37.313Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-120612905References: Upstream kernel"}, {"lang": "es", "value": "En las funciones do_ipt_get_ctl y do_ipt_set_ctl del archivo ip_tables.c, se presenta una posible forma de filtrar informaci\u00f3n del kernel debido a datos no inicializados. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local con los privilegios de ejecuci\u00f3n System requeridos. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. Producto: Android. Versiones: Android kernel. ID de Android: A-120612905. Referencias: Kernel ascendente"}], "id": "CVE-2021-39636", "lastModified": "2022-07-12T17:42:04.277", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-12-15T19:15:15.017", "references": [{"source": "security@android.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://source.android.com/security/bulletin/pixel/2021-12-01"}], "sourceIdentifier": "security@android.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-665"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: information disclosure due to uninitialized data in do_ipt_get_ctl() and do_ipt_set_ctl() in ip_tables.c", "id": "2068577", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2068577"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-200", "details": ["In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-120612905References: Upstream kernel", "A vulnerability was found in the Linux kernel\u2019s net/ipv6/netfilter/ip6_tables.c:copy_entries_to_user function. This flaw allows a local attacker to leak internal kernel information."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, prevent the module ip6_tables from being loaded. \nPlease see https://access.redhat.com/solutions/41278 \nfor information on how to blacklist a kernel module to prevent it from loading automatically."}, "name": "CVE-2021-39636", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2021-12-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-39636\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-39636\nhttps://android.googlesource.com/kernel/common/+/823f05d71506017aa4d47ae8b9546081686098fe\nhttps://android.googlesource.com/kernel/common/+/8a1b3c7bd71ef1e7a4537216858dbe7d13eec6ed\nhttps://android.googlesource.com/kernel/common/+/bb5bc03a5056b4b22f00b7333c42c861b83ef19f\nhttps://android.googlesource.com/kernel/common/+/d104670ce30b9f910f39fbaad3ec59f87fa43468\nhttps://android.googlesource.com/kernel/common/+/dcd0c8c3e87cf08344e169fdb94eb7ec96c3c32a\nhttps://source.android.com/security/bulletin/pixel/2021-12-01"], "threat_severity": "Moderate", "upstream_fix": "kernel 4.11 rc1"}