Lucene search

MitreCVE-2021-28964

HistoryMar 22, 2021 - 9:15 a.m.

CVE-2021-28964

2021-03-2209:15:13

CWE-362

mitre

web.nvd.nist.gov

232

cve-2021-28964

linux kernel

race condition

denial of service

nvd

security vulnerability

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.2

Confidence

High

EPSS

Percentile

14.2%

JSON

A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc.

Affected configurations

Nvd

Node

linuxlinux_kernelRange≤5.11.8

Node

fedoraprojectfedoraMatch32

fedoraprojectfedoraMatch33

fedoraprojectfedoraMatch34

Node

debiandebian_linuxMatch9.0

Node

netappcloud_backupMatch-

netappsolidfire_baseboard_management_controller_firmwareMatch-

Node

netappaff_a250_firmwareMatch-

AND

netappaff_a250Match-

Node

netappfas_500f_firmwareMatch-

AND

netappfas_500fMatch-

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
fedoraprojectfedora32cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
fedoraprojectfedora33cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
fedoraprojectfedora34cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
debiandebian_linux9.0cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
netappcloud_backup-cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
netappsolidfire_baseboard_management_controller_firmware-cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*
netappaff_a250_firmware-cpe:2.3:o:netapp:aff_a250_firmware:-:*:*:*:*:*:*:*
netappaff_a250-cpe:2.3:h:netapp:aff_a250:-:*:*:*:*:*:*:*
netappfas_500f_firmware-cpe:2.3:o:netapp:fas_500f_firmware:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
fedoraproject	fedora	32	cpe:2.3:o:fedoraproject:fedora:32:::::::*
fedoraproject	fedora	33	cpe:2.3:o:fedoraproject:fedora:33:::::::*
fedoraproject	fedora	34	cpe:2.3:o:fedoraproject:fedora:34:::::::*
debian	debian_linux	9.0	cpe:2.3:o:debian:debian_linux:9.0:::::::*
netapp	cloud_backup	-	cpe:2.3:a:netapp:cloud_backup:-:::::::*
netapp	solidfire_baseboard_management_controller_firmware	-	cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:::::::*
netapp	aff_a250_firmware	-	cpe:2.3:o:netapp:aff_a250_firmware:-:::::::*
netapp	aff_a250	-	cpe:2.3:h:netapp:aff_a250:-:::::::*
netapp	fas_500f_firmware	-	cpe:2.3:o:netapp:fas_500f_firmware:-:::::::*