PT-2021-6851 · Linux+6 · Linux Kernel+6

Wenqing Liu

·

Published

2021-12-10

·

Updated

2024-03-25

·

CVE-2021-44879

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.16.3
Description The issue is related to the gc data segment function in the Linux kernel, specifically in fs/f2fs/gc.c. It involves a NULL pointer dereference due to special files not being considered, which can lead to a denial of service. An attacker could potentially exploit this issue to cause a service disruption.
Recommendations For Linux kernel versions prior to 5.16.3, update to version 5.16.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the gc data segment function in fs/f2fs/gc.c to minimize the risk of exploitation.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2022-1171
ALT-PU-2022-1175
ALT-PU-2022-1647
ALT-PU-2022-2155
ALT-PU-2023-1684
ALT-PU-2023-1741
ALT-PU-2023-1814
ALT-PU-2023-4894
AZL-8577
BDU:2022-02325
CVE-2021-44879
DLA-3710-1
DLA-3711-1
DSA-5594-1
OESA-2022-1574
OPENSUSE-SU-2022:0768-1
OPENSUSE-SU-2022:1037-1
OPENSUSE-SU-2022:1039-1
OPENSUSE-SU-2022_0768-1
OPENSUSE-SU-2022_1037-1
OPENSUSE-SU-2022_1039-1
OPENSUSE-SU-2022_2520-1
OPENSUSE-SU-2022_2615-1
SUSE-SU-2022:0757-1
SUSE-SU-2022:0759-1
SUSE-SU-2022:0761-1
SUSE-SU-2022:0765-1
SUSE-SU-2022:0766-1
SUSE-SU-2022:0767-1
SUSE-SU-2022:0768-1
SUSE-SU-2022:1037-1
SUSE-SU-2022:1038-1
SUSE-SU-2022:1039-1
SUSE-SU-2022:1257-1
SUSE-SU-2022:2520-1
SUSE-SU-2022:2615-1
USN-5302-1
USN-5383-1
USN-6681-1
USN-6681-2
USN-6681-3
USN-6681-4
USN-6716-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu