CVE-2021-4157
kernel: Buffer overwrite in decode_nfs_fh function
Severity Score
8.0
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system.
Se encontró un fallo de escritura fuera de los límites de la memoria (1 o 2 bytes de memoria) en el subsistema NFS del kernel de Linux en la forma en que los usuarios usan el mirroring (replicación de archivos con NFS). Un usuario, que tenga acceso al montaje NFS, podría potencialmente usar este fallo para bloquear el sistema o escalar privilegios en el sistema
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-12-22 CVE Reserved
- 2022-03-25 CVE Published
- 2023-11-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| https://lore.kernel.org/lkml/20210517140244.822185482%40linuxfoundation.org | X_refsource_misc | |
| https://security.netapp.com/advisory/ntap-20220602-0007 | Third Party Advisory |
|
| https://www.oracle.com/security-alerts/cpujul2022.html | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=2034342 | 2022-05-10 | |
| https://access.redhat.com/security/cve/CVE-2021-4157 | 2022-05-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Netapp Search vendor "Netapp" | H300e Firmware Search vendor "Netapp" for product "H300e Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H300e Search vendor "Netapp" for product "H300e" | - | - |
Safe
|
| Netapp Search vendor "Netapp" | H300s Firmware Search vendor "Netapp" for product "H300s Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H300s Search vendor "Netapp" for product "H300s" | - | - |
Safe
|
| Netapp Search vendor "Netapp" | H500e Firmware Search vendor "Netapp" for product "H500e Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H500e Search vendor "Netapp" for product "H500e" | - | - |
Safe
|
| Netapp Search vendor "Netapp" | H500s Firmware Search vendor "Netapp" for product "H500s Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H500s Search vendor "Netapp" for product "H500s" | - | - |
Safe
|
| Netapp Search vendor "Netapp" | H700e Firmware Search vendor "Netapp" for product "H700e Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H700e Search vendor "Netapp" for product "H700e" | - | - |
Safe
|
| Netapp Search vendor "Netapp" | H700s Firmware Search vendor "Netapp" for product "H700s Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H700s Search vendor "Netapp" for product "H700s" | - | - |
Safe
|
| Netapp Search vendor "Netapp" | H410s Firmware Search vendor "Netapp" for product "H410s Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H410s Search vendor "Netapp" for product "H410s" | - | - |
Safe
|
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.0 < 4.4.269 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.0 < 4.4.269" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.5 < 4.9.269 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 4.9.269" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.10 < 4.14.233 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 4.14.233" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.15 < 4.19.191 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 4.19.191" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.20 < 5.4.120 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.4.120" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.5 < 5.10.38 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.10.38" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.11 < 5.11.22 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.11.22" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.12 < 5.12.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.12 < 5.12.5" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 35 Search vendor "Fedoraproject" for product "Fedora" and version "35" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Communications Cloud Native Core Binding Support Function Search vendor "Oracle" for product "Communications Cloud Native Core Binding Support Function" | 22.1.1 Search vendor "Oracle" for product "Communications Cloud Native Core Binding Support Function" and version "22.1.1" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Communications Cloud Native Core Binding Support Function Search vendor "Oracle" for product "Communications Cloud Native Core Binding Support Function" | 22.1.3 Search vendor "Oracle" for product "Communications Cloud Native Core Binding Support Function" and version "22.1.3" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Communications Cloud Native Core Binding Support Function Search vendor "Oracle" for product "Communications Cloud Native Core Binding Support Function" | 22.2.0 Search vendor "Oracle" for product "Communications Cloud Native Core Binding Support Function" and version "22.2.0" | - |
Affected
| ||||||