Home > Vulnerability Database > CVE-2021-3982

Mend.io Vulnerability Database

CVE-2021-3982

Date: April 28, 2022

Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAP_SYS_NICE is currently implemented and eventually load code to increase its process scheduler priority leading to possible DoS of other services running in the same machine.

Severity Score

5.5

Related Resources (9)

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3982

Url: https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/4711

Url: https://nvd.nist.gov/vuln/detail/CVE-2021-3982

Url: https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/2060

Url: https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2284

Url: https://access.redhat.com/security/cve/CVE-2021-3982

Url: https://security-tracker.debian.org/tracker/CVE-2021-3982

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2024174

Url: https://www.mend.io/vulnerability-database/CVE-2021-3982

Severity Score

5.5

Weakness Type (CWE)

Improper Check for Dropped Privileges

CWE-273

CVSS v3.1

Base Score:	5.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

CVSS v2

Base Score:	2.1
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2021-3982

Date: April 28, 2022

Severity Score

Related Resources (9)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?