Lucene search

Redhat.comRH:CVE-2021-46925

HistoryFeb 27, 2024 - 6:02 p.m.

CVE-2021-46925

2024-02-2718:02:10

redhat.com

access.redhat.com

linux kernel

net/smc

vulnerability resolved

kernel panic

race condition

security patch

code fix

memory access

bug handling

kernel mode

error code

cpu

bios

alibaba cloud ecs

crash

refcount

cdc message

ib device

routine

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A flaw was found in the Linux kernel affecting the net/smc Synchronous Message Channel subsystem. This vulnerability is caused by a race condition between the smc_cdc_tx_handler and smc_release functions and can cause kernel panics.

Mitigation

There are no known mitigations to the problem and Red Hat recommends to update to the latest software.

References

bugzilla.redhat.com/show_bug.cgi?id=2266375

lore.kernel.org/linux-cve-announce/2024022748-CVE-2021-46925-c422@gregkh/T/#u

nvd.nist.gov/vuln/detail/CVE-2021-46925

www.cve.org/CVERecord?id=CVE-2021-46925

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for RH:CVE-2021-46925