Lucene search

[email protected]CVE-2021-38203

HistoryAug 08, 2021 - 8:15 p.m.

CVE-2021-38203

2021-08-0820:15:00

CWE-667

[email protected]

web.nvd.nist.gov

cve-2021-38203

linux kernel

btrfs

denial of service

deadlock

nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.2 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

27.7%

JSON

btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info.

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt5.13.4
netapp:hci_bootstrap_osnetapp hci bootstrap oseq-
netapp:solidfirenetapp solidfireeq-
netapp:hci_management_nodenetapp hci management nodeeq-
netapp:element_softwarenetapp element softwareeq-

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	5.13.4
netapp:hci_bootstrap_os	netapp hci bootstrap os	eq	-
netapp:solidfire	netapp solidfire	eq	-
netapp:hci_management_node	netapp hci management node	eq	-
netapp:element_software	netapp element software	eq	-