Resource exhaustion in Ibm Spectrum_copy_data_management
CVE-2021-3669
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.
Vulnerability class: DoS (Denial of Service)
EPSS: 0.003 (19.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.
Affected products
- Ibm Spectrum_copy_data_management
- Ibm Spectrum_protect_plus
- Linux Linux_kernel
- Debian Debian_linux — versions 10.0, 11.0
- Fedoraproject Fedora — versions 34
- Redhat Build_of_quarkus
- Redhat Codeready_linux_builder
- Redhat Developer_tools — versions 1.0
- Redhat Enterprise_linux — versions 6.0, 7.0, 8.0
- Redhat Enterprise_linux_aus — versions 8.6
Weakness classification (CWE)
Public proof-of-concept exploits
References
- secalert@redhat.com (Permissions Required, x_refsource_MISC, Issue Tracking)
- secalert@redhat.com (Third Party Advisory, x_refsource_MISC, Issue Tracking)
- secalert@redhat.com (Third Party Advisory, x_refsource_MISC, Issue Tracking)
- secalert@redhat.com (Third Party Advisory, x_refsource_MISC, Issue Tracking)
- af854a3a-2127-422b-91ae-364da2661108
Frequently asked questions
- What is CVE-2021-3669?
- CVE-2021-3669 is a medium-severity vulnerability in Ibm Spectrum_copy_data_management, classified under Uncontrolled Resource Consumption. CVSS score: 5.5/10. Published 2022-08-26.
- How severe is CVE-2021-3669?
- Medium severity. CVSS v3 base score is 5.5 out of 10.
- Is CVE-2021-3669 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.