PT-2021-8132 · Linux+4 · Linux Kernel+4

Anatoly Trosinenko

Published

2021-12-18

Updated

2025-02-14

CVE-2021-47107

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a buffer overflow in the NFSD component of the Linux kernel. If a client sends a READDIR count argument that is too small, the buffer size calculation results in an underflow, allowing the XDR stream functions to write beyond the actual buffer. This calculation has always been suspect, and NFSD has never checked the READDIR count argument. The problem was exposed when entry encoding changed, affecting the pointer arithmetic in xdr reserve space(). Modern NFS clients attempt to retrieve as much data as possible for each READDIR request, and there are no unit tests that exercise the behavior of READDIR at the lower bound of @count values.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Stack Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-120

Related Identifiers

BDU:2024-08394

CESA-2022_7683

CVE-2021-47107

OPENSUSE-SU-2024_1321-1

OPENSUSE-SU-2024_1322-1

OPENSUSE-SU-2024_1322-2

OPENSUSE-SU-2024_1332-1

OPENSUSE-SU-2024_1332-2

OPENSUSE-SU-2024_1466-1

OPENSUSE-SU-2024_1480-1

OPENSUSE-SU-2024_1490-1

RHSA-2022:7683

RHSA-2022_7683

SUSE-SU-2024:1320-1

SUSE-SU-2024:1321-1

SUSE-SU-2024:1466-1

SUSE-SU-2024:1480-1

SUSE-SU-2024:1490-1

Affected Products

Centos

Linux Kernel

Red Hat

Red Os

Suse

PT-2021-8132 · Linux+4 · Linux Kernel+4

CVE-2021-47107

Weakness Enumeration

Related Identifiers

Affected Products

References · 468