{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "REJECTED", "cveId": "CVE-2021-3894", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2023-02-12T00:00:00.000Z", "dateRejected": "2023-02-12T00:00:00.000Z", "dateReserved": "2021-10-20T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-02-12T00:00:00.000Z"}, "rejectedReasons": [{"lang": "en", "value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."}], "id": "CVE-2021-3894", "lastModified": "2023-11-07T03:38:23.590", "metrics": {}, "published": "2022-08-23T16:15:10.140", "references": [], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Rejected"}

{"bugzilla": {"description": "kernel: sctp: local DoS: unprivileged user can cause BUG()", "id": "2014970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014970"}, "csaw": false, "cvss3": {"cvss3_base_score": "0.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N", "status": "draft"}, "cwe": "CWE-400", "details": ["A vulnerability was found in the Linux kernel. This flaw allows an unprivileged local user to panic the system, resulting in a denial of service by calling setsockopt(2) with specially crafted arguments. The highest threat from this vulnerability is to system availability."], "mitigation": {"lang": "en:us", "value": "As the SCTP module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:\n# echo \"install sctp /bin/true\" >> /etc/modprobe.d/disable-sctp.conf\nThe system will need to be restarted if the SCTP modules are loaded. In most circumstances, the CIFS kernel modules will be unable to be unloaded while any network interfaces are active and the protocol is in use.\nIf the system requires this module to work correctly, this mitigation may not be suitable.\nIf you need further assistance, see the KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services."}, "name": "CVE-2021-3894", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2022-02-03T05:04:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-3894\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-3894\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c"], "statement": "This flaw was found to be a duplicate of CVE-2022-0322. Please see https://access.redhat.com/security/cve/CVE-2022-0322 for information about affected products and security errata."}

{}