UBUNTU-CVE-2021-3982

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2021-3982
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3982.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2021-3982
Upstream
Published
2022-04-29T17:15:00Z
Modified
2025-09-08T16:46:50Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

Linux distributions using CAPSYSNICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAPSYSNICE is currently implemented and eventually load code to increase its process scheduler priority leading to possible DoS of other services running in the same machine.

References

Affected packages

Ubuntu:Pro:16.04:LTS / gnome-shell

Package

Name
gnome-shell
Purl
pkg:deb/ubuntu/gnome-shell@3.18.5-0ubuntu0.3+esm1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.16.4-0ubuntu1
3.18.1-1ubuntu1
3.18.2-0ubuntu1
3.18.2-0ubuntu2
3.18.3-3ubuntu1
3.18.4-0ubuntu1
3.18.4-0ubuntu2
3.18.4-0ubuntu3
3.18.5-0ubuntu0.1
3.18.5-0ubuntu0.2
3.18.5-0ubuntu0.3
3.18.5-0ubuntu0.3+esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_version": "3.18.5-0ubuntu0.3+esm1",
            "binary_name": "gnome-shell"
        },
        {
            "binary_version": "3.18.5-0ubuntu0.3+esm1",
            "binary_name": "gnome-shell-common"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-3982.json"