CVE-2021-43395

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected.

Se descubrió un problema en illumos antes de f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04 y SmartOS 20210923. Un usuario local sin privilegios puede provocar un punto muerto y pánico en el kernel mediante llamadas de cambio de nombre y rmdir manipuladas en sistemas de archivos tmpfs. Oracle Solaris 10 y 11 también se ve afectado.

*Credits: N/A

CVSS Scores

NISTv3.1 5.5

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2021-11-04 CVE Reserved
2022-12-26 CVE Published
2024-08-04 CVE Updated
2024-08-04 First Exploit
2024-08-16 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-667: Improper Locking

CAPEC

References (9)

URL	Tag	Source
http://www.tribblix.org/relnotes.html	Release Notes
https://jgardner100.wordpress.com/2022/01/20/security-heads-up	Third Party Advisory
https://kebe.com/blog/?p=505	Third Party Advisory

URL	Date	SRC
https://github.com/illumos/illumos-gate/blob/069654420de4aade43c63c43cd2896e66945fc8a/usr/src/uts/common/fs/tmpfs/tmp_vnops.c	2024-08-04
https://github.com/illumos/illumos-gate/blob/b3403853e80914bd0aade9b5b605da4878078173/usr/src/uts/common/fs/tmpfs/tmp_dir.c	2024-08-04

URL	Date	SRC
https://github.com/illumos/illumos-gate/commit/f859e7171bb5db34321e45585839c6c3200ebb90	2023-08-08
https://www.illumos.org/issues/14424	2023-08-08
https://www.oracle.com/security-alerts/cpujan2022.html	2023-08-08

URL	Date	SRC
https://illumos.topicbox.com/groups/developer/T1c9e4f27f8c2f959/security-heads-up-illumos14424	2023-08-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Illumos Search vendor "Illumos"		Illumos Search vendor "Illumos" for product "Illumos"				< 2022-01-18 Search vendor "Illumos" for product "Illumos" and version " < 2022-01-18"		-		Affected
Omniosce Search vendor "Omniosce"		Omnios Search vendor "Omniosce" for product "Omnios"				r151038 Search vendor "Omniosce" for product "Omnios" and version "r151038"		community		Affected
Openindiana Search vendor "Openindiana"		Openindiana Search vendor "Openindiana" for product "Openindiana"				hipster_2021.04 Search vendor "Openindiana" for product "Openindiana" and version "hipster_2021.04"		-		Affected
Joyent Search vendor "Joyent"		Smartos Search vendor "Joyent" for product "Smartos"				20210923 Search vendor "Joyent" for product "Smartos" and version "20210923"		-		Affected
Oracle Search vendor "Oracle"		Solaris Search vendor "Oracle" for product "Solaris"				10 Search vendor "Oracle" for product "Solaris" and version "10"		-		Affected
Oracle Search vendor "Oracle"		Solaris Search vendor "Oracle" for product "Solaris"				11 Search vendor "Oracle" for product "Solaris" and version "11"		-		Affected