Veracode Vulnerability DatabaseVERACODE:35283Denial Of Service (DoS)
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0005 Low
EPSS
Percentile
14.4%
linux-gcp:focal is vulnerable to denial of service. __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel causes an out-of-bounds memory access when an inode has an invalid last xattr entry.
References
git://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2021-45469
www.openwall.com/lists/oss-security/2021/12/25/1
bugzilla.kernel.org/show_bug.cgi?id=215235
git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=dev&id=5598b24efaf4892741c798b425d543e4bed357a1
lists.debian.org/debian-lts-announce/2022/03/msg00012.html
lists.fedoraproject.org/archives/list/[email protected]/message/AK2C4A43BZSWATZWFUHHHUQF3HPIALNP/
lists.fedoraproject.org/archives/list/[email protected]/message/QG7XV2WXKMSMKIQKIBG5LW3Y3GXEWG5Q/
security.netapp.com/advisory/ntap-20220114-0003/
www.debian.org/security/2022/dsa-5050
www.debian.org/security/2022/dsa-5096
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0005 Low
EPSS
Percentile
14.4%