A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.

Affected configurations

NVD

Node

linuxlinux_kernelRange<5.16

References

access.redhat.com/security/cve/CVE-2021-4155

bugzilla.redhat.com/show_bug.cgi?id=2034813

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79

security-tracker.debian.org/tracker/CVE-2021-4155

www.openwall.com/lists/oss-security/2022/01/10/1

cbl_mariner 2

redhatcve 1

cvelist 1

redhat 26

debiancve 1

nessus 72

f5 1

virtuozzo 3

prion 1

ubuntucve 1

veracode 1

cve 1

osv 14

rocky 4

oraclelinux 11

almalinux 1

ibm 4

photon 6

cloudlinux 2

ubuntu 10

openvas 25

mageia 2

cloudfoundry 2

amazon 4

centos 1

debian 1

suse 1

cbl_mariner

CVE-2021-4155 affecting package kernel for versions less than 5.15.67.1-4

2022-10-05 23:34:27

CVE-2021-4155 affecting package kernel 5.10.131.1-1

2022-09-17 05:57:05

redhatcve

CVE-2021-4155

2022-05-07 14:17:19

cvelist

CVE-2021-4155

2022-08-24 15:10:19

redhat

(RHSA-2022:0530) Important: kernel security update

2022-02-15 09:06:12

(RHSA-2022:0335) Important: kpatch-patch security update

2022-02-01 10:43:10

(RHSA-2022:0344) Important: kernel security update

2022-02-01 13:56:19

debiancve

CVE-2021-4155

2022-08-24 16:15:09

nessus

RHEL 8 : kpatch-patch (RHSA-2022:0335)

2022-02-01 00:00:00

RHEL 7 : kernel (RHSA-2022:0530)

2022-02-15 00:00:00

RHEL 8 : kernel (RHSA-2022:0344)

2022-02-02 00:00:00

K71080411 : Linux kernel vulnerability CVE-2021-4155

2022-04-27 00:00:00

virtuozzo

[Important] [Security] New kernel 2.6.32-042stab146.2; Virtuozzo 6.0 Update 12 Hotfix 55 (6.0.12-3762)

2021-01-11 00:00:00

[Important] [Security] New kernel 2.6.32-042stab146.2; Virtuozzo 6.0 Update 12 Hotfix 55 (6.0.12-3762)

2021-01-11 00:00:00

[Important] [Security] Virtuozzo ReadyKernel patch 146.1 for Virtuozzo Hybrid Server 7.5

2022-08-22 00:00:00

prion

Design/Logic Flaw

2022-08-24 16:15:00

ubuntucve

CVE-2021-4155

2021-12-31 00:00:00

veracode

Information Disclosure

2022-01-30 00:40:56

cve

CVE-2021-4155

2022-08-24 16:15:09

osv

Important: kernel security and bug fix update

2022-01-19 13:59:09

Important: kernel security and bug fix update

2022-01-19 13:59:09

Important: kernel-rt security and bug fix update

2022-01-19 09:43:06

rocky

kernel security and bug fix update

2022-01-19 13:59:09

kernel-rt security and bug fix update

2022-01-19 22:58:41

kernel-rt security and bug fix update

2022-01-19 09:43:06

oraclelinux

kernel security and bug fix update

2022-01-21 00:00:00

Unbreakable Enterprise kernel security update

2022-01-10 00:00:00

Unbreakable Enterprise kernel-container security update

2022-01-10 00:00:00

almalinux

Important: kernel security and bug fix update

2022-01-19 13:59:09

ibm

Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management

2022-06-03 10:36:45

Security Bulletin: Vulnerabilities in the Linux Kernel affect IBM Spectrum Copy Data Management

2022-06-09 17:51:49

Security Bulletin: IBM QRadar Network Packet Capture is using components with known vulnerabilities

2022-03-31 14:40:20

photon

Moderate Photon OS Security Update - PHSA-2022-0351

2022-01-08 00:00:00

Important Photon OS Security Update - PHSA-2022-3.0-0351

2022-01-13 00:00:00

Moderate Photon OS Security Update - PHSA-2021-0461

2021-11-29 00:00:00

cloudlinux

Fix of CVE: CVE-2021-0920, CVE-2022-0492, CVE-2020-0466, CVE-2021-4155

2022-04-26 15:23:09

Fix of CVE: CVE-2020-0466, CVE-2022-0492, CVE-2021-4155, CVE-2021-0920

2022-04-26 15:21:28

ubuntu

Linux kernel (HWE) vulnerabilities

2022-02-18 00:00:00

Linux kernel vulnerabilities

2022-02-22 00:00:00

Linux kernel (AWS) vulnerabilities

2023-02-23 00:00:00

openvas

Ubuntu: Security Advisory (USN-5295-2)

2022-02-23 00:00:00

Ubuntu: Security Advisory (USN-5295-1)

2022-02-18 00:00:00

Ubuntu: Security Advisory (USN-5926-1)

2023-03-07 00:00:00

mageia

Updated kernel-linus packages fix security vulnerabilities

2022-01-18 18:43:35

Updated kernel packages fix security vulnerabilities

2022-01-18 18:43:35

cloudfoundry

USN-5294-2: Linux kernel vulnerabilities | Cloud Foundry

2022-03-11 00:00:00

USN-5298-1: Linux kernel vulnerabilities | Cloud Foundry

2022-04-21 00:00:00

amazon

Important: kernel

2022-02-04 23:25:00

Important: kernel

2022-02-04 23:24:00

Important: kernel

2023-02-17 00:02:00

centos

bpftool, kernel, perf, python security update

2022-02-25 15:41:18

debian

[SECURITY] [DSA 5050-1] linux security update

2022-01-20 16:46:05

suse

Security update for the Linux Kernel (important)

2022-09-14 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2021-4155

cbl_mariner2 redhatcve1 cvelist1 redhat26 debiancve1 nessus72 f51 virtuozzo3 prion1 ubuntucve1 veracode1 cve1 osv14 rocky4 oraclelinux11 almalinux1 ibm4 photon6 cloudlinux2 ubuntu10 openvas25 mageia2 cloudfoundry2 amazon4 centos1 debian1 suse1