Lucene search
LinuxVULNRICHMENT:CVE-2021-46952HistoryFeb 27, 2024 - 6:40 p.m.
CVE-2021-46952 NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds
2024-02-2718:40:35
Linux
github.com
3
linux kernel
nfs
vulnerability
In the Linux kernel, the following vulnerability has been resolved:
NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds
Fix shift out-of-bounds in xprt_calc_majortimeo(). This is caused
by a garbage timeout (retrans) mount option being passed to nfs mount,
in this case from syzkaller.
If the protocol is XPRT_TRANSPORT_UDP, then ‘retrans’ is a shift
value for a 64-bit long integer, so ‘retrans’ cannot be >= 64.
If it is >= 64, fail the mount and return an error.
CNA Affected
[
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "9954bf92c0cd",
"lessThan": "96fa26b74cdc",
"versionType": "git"
},
{
"status": "affected",
"version": "9954bf92c0cd",
"lessThan": "2f3380121d49",
"versionType": "git"
},
{
"status": "affected",
"version": "9954bf92c0cd",
"lessThan": "3d0163821c03",
"versionType": "git"
},
{
"status": "affected",
"version": "9954bf92c0cd",
"lessThan": "c09f11ef3595",
"versionType": "git"
}
],
"programFiles": [
"fs/nfs/fs_context.c"
],
"defaultStatus": "unaffected"
},
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"status": "unaffected",
"version": "0",
"lessThan": "5.6",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.10.36",
"versionType": "custom",
"lessThanOrEqual": "5.10.*"
},
{
"status": "unaffected",
"version": "5.11.20",
"versionType": "custom",
"lessThanOrEqual": "5.11.*"
},
{
"status": "unaffected",
"version": "5.12.3",
"versionType": "custom",
"lessThanOrEqual": "5.12.*"
},
{
"status": "unaffected",
"version": "5.13",
"versionType": "original_commit_for_fix",
"lessThanOrEqual": "*"
}
],
"programFiles": [
"fs/nfs/fs_context.c"
],
"defaultStatus": "affected"
}
]Related
cvelist
cvelist
redhatcve
redhatcve
CVE-2021-46952
2024-02-28 08:12:52
debiancve
debiancve
CVE-2021-46952
2024-02-27 19:04:06
cve
cve
CVE-2021-46952
2024-02-27 19:04:06
prion
prion
Spoofing
2024-02-27 19:04:00
ubuntucve
ubuntucve
CVE-2021-46952
2024-02-27 00:00:00
nvd
nvd
CVE-2021-46952
2024-02-27 19:04:06
nessus
nessus
Photon OS 3.0: Linux PHSA-2024-3.0-0753
2024-07-24 00:00:00
EulerOS 2.0 SP5 : kernel (EulerOS-SA-2024-2070)
2024-08-06 00:00:00
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-1570)
2024-05-09 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2070)
2024-08-07 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1570)
2024-05-10 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2002)
2024-07-19 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-3.0-0753
2024-04-29 00:00:00
AI Score
6.7
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2021-46952