Lucene search

[email protected]CVE-2021-40490

HistorySep 03, 2021 - 1:15 a.m.

CVE-2021-40490

2021-09-0301:15:07

CWE-362

[email protected]

web.nvd.nist.gov

210

cve-2021-40490

ext4

race condition

linux kernel

nvd

security vulnerability

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.3%

JSON

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.

Affected configurations

NVD

Node

linuxlinux_kernelRange≤5.13.13

Node

fedoraprojectfedoraMatch33

fedoraprojectfedoraMatch34

Node

debiandebian_linuxMatch9.0

debiandebian_linuxMatch11.0

Node

netappaff_a250Match-

AND

netappaff_a250_firmwareMatch-

Node

netappfas_500fMatch-

AND

netappfas_500f_firmwareMatch-

Node

netapph300sMatch-

AND

netapph300s_firmwareMatch-

Node

netapph500sMatch-

AND

netapph500s_firmwareMatch-

Node

netapph700sMatch-

AND

netapph700s_firmwareMatch-

Node

netapph300eMatch-

AND

netapph300e_firmwareMatch-

Node

netapph500eMatch-

AND

netapph500e_firmwareMatch-

Node

netapph700e_firmwareMatch-

AND

netapph700eMatch-

Node

netapph410s_firmwareMatch-

AND

netapph410sMatch-

Node

netapph410c_firmwareMatch-

AND

netapph410cMatch-

Node

netapph610c_firmwareMatch-

AND

netapph610cMatch-

Node

netapph610s_firmwareMatch-

AND

netapph610sMatch-

Node

netapph615c_firmwareMatch-

AND

netapph615cMatch-

CPENameOperatorVersion
linux:linux_kernellinux linux kernelle5.13.13

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	le	5.13.13

References

git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=9e445093e523f3277081314c864f708fd4bd34aa

lists.debian.org/debian-lts-announce/2021/10/msg00010.html

lists.debian.org/debian-lts-announce/2021/12/msg00012.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M6VS2DLGT7TK7URKAS2KWJL3S533SGVA/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XJGX3DMJT6MRBW2XEF3TWVHYWZW3DG3N/

security.netapp.com/advisory/ntap-20211004-0001/

www.debian.org/security/2021/dsa-4978

Social References

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.3%

JSON

Related for CVE-2021-40490

redhatcve1 amazon4 veracode1 openvas43 f51 ubuntucve1 debiancve1 cbl_mariner2 cvelist1 nvd1 fedora2 nessus58 prion1 githubexploit1 mageia2 cloudfoundry3 osv11 ubuntu8 oraclelinux7 photon6 suse6 debian4 slackware1