CVE-2021-42257

Name of the Vulnerable Software and Affected Versions check smart versions prior to 6.9.1

Description The issue allows unintended drive access by an unprivileged user due to a substring match of a device path, specifically checking for the /dev/bus substring and a number, which is an example of an unanchored regular expression. This can lead to unauthorized access.

Recommendations For versions prior to 6.9.1, update to version 6.9.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the check smart function until a patch is available.