CVE-2021-36087

ADVISORY - nist

Summary

The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.

EPSS Score⁠: 0.00017 (0.031)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-125⁠

Out-of-bounds Read

ADVISORY - redhat

CWE-119⁠

Improper Restriction of Operations within the Bounds of a Memory Buffer

Impacted images

Advisories

NIST

CREATED

5 years ago

UPDATED

3 months ago

ADVISORY IDCVE-2021-36087⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-125⁠

CVSS SCORE

3.3low

Debian

CREATED

5 years ago

UPDATED

26 days ago

ADVISORY IDCVE-2021-36087⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

5 years ago

UPDATED

11 months ago

ADVISORY IDCVE-2021-36087⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

3.3low

Alma

CREATED

4 years ago

UPDATED

3 years ago

ADVISORY IDALSA-2021:4513⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALAS2-2023-2307⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 years ago

UPDATED

10 months ago

ADVISORY IDALAS2022-2022-030⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 years ago

UPDATED

10 months ago

ADVISORY IDALAS2022-2022-170⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 years ago

UPDATED

10 months ago

ADVISORY IDALAS2022-2022-208⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

3 years ago

UPDATED

3 years ago

ADVISORY IDALAS2023-2023-017⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

5 years ago

UPDATED

20 days ago

ADVISORY IDCVE-2021-36087⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-119⁠

CVSS SCORE

3.3medium

Rocky

CREATED

4 years ago

UPDATED

11 months ago

ADVISORY IDRLSA-2021:4513⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Oracle

CREATED

4 years ago

UPDATED

4 years ago

ADVISORY IDELSA-2021-4513⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

intheWild

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY IDCVE-2021-36087⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY