March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory –Multiple Cisco Small Business Wireless Access Points Vulnerabilities
August 4, 2021Rewterz Threat Alert –Raccoon Infostealer – Active IOCs
August 4, 2021Rewterz Threat Advisory –Multiple Cisco Small Business Wireless Access Points Vulnerabilities
August 4, 2021Rewterz Threat Alert –Raccoon Infostealer – Active IOCs
August 4, 2021
Severity
Medium
Analysis Summary
CVE-2021-35477
Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by a certain preempting store operation does not necessarily occur before a store operation. By executing a specially-crafted BPF program, an attacker could exploit this vulnerability to obtain sensitive information from kernel memory, and use this information to launch further attacks against the affected system.
CVE-2021-34556
Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by the protection mechanism neglecting the possibility of uninitialized memory locations. By executing a specially-crafted BPF program, an attacker could exploit this vulnerability to obtain sensitive information from kernel memory, and use this information to launch further attacks against the affected system.
Impact
- Information Theft
- Unauthorized Access
Affected Vendors
Linux
Affected Products
- Linux Kernel 5.13.7
Remediation
Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information.