{"id":"CVE-2021-3715","details":"A flaw was found in the \"Routing decision\" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","aliases":["A-223966861","PUB-A-223966861"],"modified":"2026-03-13T05:06:14.689126Z","published":"2022-03-02T23:15:08.957Z","related":["SUSE-SU-2021:3371-1","SUSE-SU-2021:3401-1","SUSE-SU-2021:3440-1","SUSE-SU-2021:3459-1","SUSE-SU-2021:3640-1","SUSE-SU-2021:3641-1","SUSE-SU-2021:3642-1","SUSE-SU-2021:3658-1","SUSE-SU-2021:3675-1","SUSE-SU-2021:3723-1","SUSE-SU-2021:3748-1","SUSE-SU-2021:3754-1","SUSE-SU-2021:3876-1","SUSE-SU-2021:3929-1","SUSE-SU-2021:3935-1","SUSE-SU-2021:3972-1","openSUSE-SU-2021:1477-1","openSUSE-SU-2021:3641-1","openSUSE-SU-2021:3675-1","openSUSE-SU-2021:3876-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ef299cc3fa1a9e1288665a9fdc8bff55629fd359"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"3.18"},{"fixed":"4.4.218"}]},{"events":[{"introduced":"4.5"},{"fixed":"4.9.218"}]},{"events":[{"introduced":"4.10"},{"fixed":"4.14.175"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.114"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.29"}]},{"events":[{"introduced":"5.5.0"},{"fixed":"5.5.14"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3715.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}