CVE-2021-3772 (CNNVD-202109-438)

MEDIUM
中文标题:
Linux kernel 安全漏洞
英文标题:
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP asso...
CVSS分数: 6.5
发布时间: 2022-03-02 00:00:00
漏洞类型: 其他
状态: PUBLISHED
数据质量分数: 0.30
数据版本: v3
漏洞描述
中文描述:

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel SCTP存在安全漏洞,如果攻击者知道正在使用的 IP 地址和端口号,并且攻击者可以发送带有欺骗性 IP 地址的数据包,那么攻击者可能能够通过无效块杀死现有的 SCTP 关联。

英文描述:

A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.

CWE类型:
CWE-354
标签:
(暂无数据)
受影响产品
厂商 产品 版本 版本范围 平台 CPE
linux linux_kernel * - - cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
redhat enterprise_linux 8.0 - - cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
debian debian_linux 9.0 - - cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
debian debian_linux 10.0 - - cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
oracle communications_cloud_native_core_binding_support_function 22.1.3 - - cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
oracle communications_cloud_native_core_network_exposure_function 22.1.1 - - cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
oracle communications_cloud_native_core_policy 22.2.0 - - cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.0 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.0.0 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.20 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.25 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.30 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.30.5r3 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.40 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.40.3r2 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.40.5 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.50.1 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.50.2 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.60 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.60.0 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.60.1 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.60.3 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.70.1 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*
netapp e-series_santricity_os_controller 11.70.2 - - cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.2:*:*:*:*:*:*:*
netapp solidfire_\&_hci_management_node - - - cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
netapp solidfire_\&_hci_storage_node - - - cpe:2.3:a:netapp:solidfire_\&_hci_storage_node:-:*:*:*:*:*:*:*
netapp hci_compute_node - - - cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
netapp h300s_firmware - - - cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
netapp h500s_firmware - - - cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
netapp h700s_firmware - - - cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
netapp h410s_firmware - - - cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
netapp h410c_firmware - - - cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
netapp h610c_firmware - - - cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*
netapp h610s_firmware - - - cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*
netapp h615c_firmware - - - cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
无标题 OTHER
cve.org
访问
无标题 OTHER
cve.org
访问
无标题 OTHER
cve.org
访问
无标题 OTHER
cve.org
访问
[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update mailing-list
cve.org
访问
DSA-5096 vendor-advisory
cve.org
访问
无标题 OTHER
cve.org
访问
无标题 OTHER
cve.org
访问
CVSS评分详情
6.5
MEDIUM
CVSS向量: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
CVSS版本: 3.1
机密性
NONE
完整性
LOW
可用性
HIGH
时间信息
发布时间:
2022-03-02 00:00:00
修改时间:
2024-08-03 17:09:08
创建时间:
2025-11-11 15:36:58
更新时间:
2025-11-11 15:56:55
利用信息
暂无可利用代码信息
数据源详情
数据源 记录ID 版本 提取时间
CVE cve_CVE-2021-3772 2025-11-11 15:21:05 2025-11-11 07:36:58
NVD nvd_CVE-2021-3772 2025-11-11 14:57:49 2025-11-11 07:45:16
CNNVD cnnvd_CNNVD-202109-438 2025-11-11 15:10:43 2025-11-11 07:56:55
版本与语言
当前版本: v3
主要语言: EN
支持语言:
EN ZH
安全公告
暂无安全公告信息
变更历史
v3 CNNVD
2025-11-11 15:56:55
vulnerability_type: 未提取 → 其他; cnnvd_id: 未提取 → CNNVD-202109-438; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
  • vulnerability_type: 未提取 -> 其他
  • cnnvd_id: 未提取 -> CNNVD-202109-438
  • data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2 NVD
2025-11-11 15:45:16
cvss_score: 未提取 → 6.5; cvss_vector: NOT_EXTRACTED → CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H; cvss_version: NOT_EXTRACTED → 3.1; affected_products_count: 0 → 35; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
  • cvss_score: 未提取 -> 6.5
  • cvss_vector: NOT_EXTRACTED -> CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
  • cvss_version: NOT_EXTRACTED -> 3.1
  • affected_products_count: 0 -> 35
  • data_sources: ['cve'] -> ['cve', 'nvd']