CVE-2021-3428
kernel: integer overflow in ext4_es_cache_extent
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree is corrupted in a crafted ext4 filesystem in fs/ext4/extents.c in ext4_es_cache_extent. Fabricating an integer overflow, A local attacker with a special user privilege may cause a system crash problem which can lead to an availability threat.
Se ha encontrado un fallo en el kernel de Linux. Es identificado un problema de denegación de servicio si es corrompido un árbol de extensiones en un sistema de archivos ext4 diseñado en el archivo fs/ext4/extents.c en la función ext4_es_cache_extent. Fabricando un desbordamiento de enteros, un atacante local con un privilegio de usuario especial puede causar un problema de bloqueo del sistema que puede conllevar a una amenaza de disponibilidad
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-03-10 CVE Reserved
- 2021-06-03 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-190: Integer Overflow or Wraparound
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
https://ubuntu.com/security/CVE-2021-3428 | Third Party Advisory | |
https://www.openwall.com/lists/oss-security/2021/03/17/1 | Mailing List |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://access.redhat.com/security/cve/CVE-2021-3428 | 2021-05-18 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1936786 | 2021-05-18 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 5.9.0 Search vendor "Linux" for product "Linux Kernel" and version " < 5.9.0" | - |
Affected
|