Ubuntu.comUB:CVE-2021-4023CVE-2021-4023
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
5.1%
A flaw was found in the io-workqueue implementation in the Linux kernel
versions prior to 5.15-rc1. The kernel can panic when an improper
cancellation operation triggers the submission of new io-uring operations
during a shortage of free space. This flaw allows a local user with
permissions to execute io-uring requests to possibly crash the system.
References
access.redhat.com/security/cve/CVE-2021-4023
git.kernel.dk/cgit/linux-block/commit/?h=io_uring-5.15&id=713b9825a4c47897f66ad69409581e7734a8728e
launchpad.net/bugs/cve/CVE-2021-4023
lkml.org/lkml/2021/9/8/64
nvd.nist.gov/vuln/detail/CVE-2021-4023
security-tracker.debian.org/tracker/CVE-2021-4023
www.cve.org/CVERecord?id=CVE-2021-4023
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
5.1%