Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-46952
HistoryFeb 27, 2024 - 12:00 a.m.

CVE-2021-46952

2024-02-2700:00:00
ubuntu.com
ubuntu.com
9
linux
kernel
nfs
vulnerability
out-of-bounds
udp
retrans
validation

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

0

Percentile

5.1%

In the Linux kernel, the following vulnerability has been resolved: NFS:
fs_context: validate UDP retrans to prevent shift out-of-bounds Fix shift
out-of-bounds in xprt_calc_majortimeo(). This is caused by a garbage
timeout (retrans) mount option being passed to nfs mount, in this case from
syzkaller. If the protocol is XPRT_TRANSPORT_UDP, then ‘retrans’ is a shift
value for a 64-bit long integer, so ‘retrans’ cannot be >= 64. If it is >=
64, fail the mount and return an error.

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

0

Percentile

5.1%