{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T08:49:39.659","vulnerabilities":[{"cve":{"id":"CVE-2021-4159","sourceIdentifier":"secalert@redhat.com","published":"2022-08-24T16:15:09.713","lastModified":"2024-11-21T06:37:02.127","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel."},{"lang":"es","value":"Se encontró una vulnerabilidad en el verificador EBPF del kernel de Linux cuando son manejadas estructuras de datos internas. Las ubicaciones de memoria interna podían ser devueltas al espacio de usuario. Un atacante local con permisos para insertar código eBPF en el kernel puede usar esto para filtrar detalles de la memoria interna del kernel derrotando algunas de las mitigaciones de explotación en el lugar para el kernel."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-202"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.7","matchCriteriaId":"C3821E00-CCBB-4CD4-AD2C-D47DFF2F5A34"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2021-4159","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036024","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=294f2fc6da27620a506e6c050241655459ccd6bd","source":"secalert@redhat.com","tags":["Mailing List","Patch","Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html","source":"secalert@redhat.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security-tracker.debian.org/tracker/CVE-2021-4159","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2021-4159","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036024","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=294f2fc6da27620a506e6c050241655459ccd6bd","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch","Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security-tracker.debian.org/tracker/CVE-2021-4159","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}