Lucene search

[email protected]NVD:CVE-2021-38199

HistoryAug 08, 2021 - 8:15 p.m.

CVE-2021-38199

2021-08-0820:15:07

[email protected]

web.nvd.nist.gov

cve-2021-38199

linux kernel

nfsv4 client

denial of service

vulnerability

remote servers

hanging of mounts

trunking detection

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.0%

JSON

fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.

Affected configurations

Nvd

Node

linuxlinux_kernelRange<5.13.4

Node

netapphci_compute_nodeMatch-

AND

netapphci_bootstrap_osMatch-

Node

netapphci_management_nodeMatch-

netappsolidfireMatch-

Node

netapphci_storage_nodeMatch-

AND

netappelement_softwareMatch-

Node

debiandebian_linuxMatch9.0

debiandebian_linuxMatch11.0

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
netapphci_compute_node-cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
netapphci_bootstrap_os-cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*
netapphci_management_node-cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
netappsolidfire-cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
netapphci_storage_node-cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*
netappelement_software-cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
debiandebian_linux9.0cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
debiandebian_linux11.0cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
netapp	hci_compute_node	-	cpe:2.3:h:netapp:hci_compute_node:-:::::::*
netapp	hci_bootstrap_os	-	cpe:2.3:o:netapp:hci_bootstrap_os:-:::::::*
netapp	hci_management_node	-	cpe:2.3:a:netapp:hci_management_node:-:::::::*
netapp	solidfire	-	cpe:2.3:a:netapp:solidfire:-:::::::*
netapp	hci_storage_node	-	cpe:2.3:h:netapp:hci_storage_node:-:::::::*
netapp	element_software	-	cpe:2.3:a:netapp:element_software:-:::::::*
debian	debian_linux	9.0	cpe:2.3:o:debian:debian_linux:9.0:::::::*
debian	debian_linux	11.0	cpe:2.3:o:debian:debian_linux:11.0:::::::*