PT-2021-7415 · Udisks2 +7

Stefan Walter · Published 2021-07-17 · Updated 2023-07-10 · CVE-2021-3802

CVSS v2.0: 6.3 (Medium)

Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: udisks2 (affected versions not specified)

Description: The issue affects Udisks, a program for querying and managing storage devices, in its handling of ext2/3/4 file systems. It is caused by the default configuration, which stops the machine when an error occurs. An attacker can supply a specially crafted image file or USB device that triggers a kernel panic, causing a denial of service. The highest threat from this issue is to system availability.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.


Related Identifiers

ALSA-2022:1820
ALT-PU-2021-2964
ALT-PU-2021-3501
ALT-PU-2023-4142
AZL-78300
BDU:2022-06045
CESA-2022_1820
CVE-2021-3802
DLA-2809-1
DLA-3387-1
DLA-3387-2
MGASA-2021-0529
OESA-2022-1489
OPENSUSE-SU-2022_1919-1
OPENSUSE-SU-2022_3154-1
RHSA-2022:1820
RHSA-2022_1820
RLSA-2022:1820
SUSE-SU-2022:1919-1
SUSE-SU-2022:3154-1
SUSE-SU-2022:3160-1
SUSE-SU-2022_1919-1
SUSE-SU-2022_3154-1
SUSE-SU-2022_3160-1

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
Red Hat
Rocky Linux
SUSE
Udisks2