CVE-2021-3864

Public on 2022-08-26

Modified on 2024-04-16

Description

AWS is aware of CVE-2021-3864, related to the Linux kernel coredump mechanism.

Amazon Linux 2023 is not affected by CVE-2021-3864 as it uses a core pattern of `|/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h` which makes sure that coredumps are written to a fixed path.

Amazon Linux 2 is affected by CVE-2021-3864 because it uses core as it’s default core pattern, meaning that coredumps end up in the current working directory. We recommend customers upgrade to Amazon Linux 2023 to address this issue. If you cannot upgrade to Amazon Linux 2023, we recommend you create a directory that is only writable by the root user and adjust `/proc/sys/kernel/core_pattern` to force core dumps to have a fixed path prefix into this new directory.

Severity

Important

CVSS v3 Base Score

7.0

See breakdown

Affected Packages

Platform	Package	Status
Amazon Linux 1	kernel	No Fix Planned
Amazon Linux 2 - Core	kernel	No Fix Planned
Amazon Linux 2 - Kernel-5.10 Extra	kernel	No Fix Planned
Amazon Linux 2 - Kernel-5.15 Extra	kernel	No Fix Planned
Amazon Linux 2 - Kernel-5.4 Extra	kernel	No Fix Planned
Amazon Linux 2023	kernel	Not Affected

CVSS Scores

	Score Type	Score	Vector
Amazon Linux	CVSSv3	7.0	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
NVD	CVSSv3	7.0	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References

Red Hat: CVE-2021-3864 Mitre: CVE-2021-3864