PT-2021-7264 · Linux+8 · Linux Kernel+8

Published

2021-04-14

·

Updated

2023-01-17

·

CVE-2021-4157

CVSS v3.1

8.0

High

VectorAV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A flaw in the Linux kernel NFS subsystem allows for an out of memory bounds write, potentially enabling a user with access to the NFS mount to crash the system or escalate privileges. This issue is related to the way users utilize mirroring, or replication of files with NFS.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALSA-2022:1988
ALT-PU-2021-1873
ALT-PU-2021-1874
ALT-PU-2021-1888
ALT-PU-2021-1893
ALT-PU-2021-1896
ALT-PU-2021-1912
ALT-PU-2021-1920
ALT-PU-2021-1961
ALT-PU-2021-1985
ALT-PU-2021-1990
ALT-PU-2021-2293
ALT-PU-2021-2305
ALT-PU-2021-2307
ALT-PU-2021-2671
ALT-PU-2021-3481
BDU:2022-04604
CESA-2022_1975
CESA-2022_1988
CVE-2021-4157
OESA-2022-1940
OPENSUSE-SU-2022:2549-1
OPENSUSE-SU-2022_2376-1
OPENSUSE-SU-2022_2411-1
OPENSUSE-SU-2022_2422-1
OPENSUSE-SU-2022_2549-1
RHSA-2022:1975
RHSA-2022:1988
RHSA-2022_1975
RHSA-2022_1988
RLSA-2022:1975
RLSA-2022:1988
SUSE-SU-2022:2376-1
SUSE-SU-2022:2377-1
SUSE-SU-2022:2379-1
SUSE-SU-2022:2382-1
SUSE-SU-2022:2393-1
SUSE-SU-2022:2407-1
SUSE-SU-2022:2411-1
SUSE-SU-2022:2424-1
SUSE-SU-2022:2424-2
SUSE-SU-2022:2478-1
SUSE-SU-2022:2549-1
SUSE-SU-2022:2629-1
SUSE-SU-2022:2809-1
USN-5413-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu