CVE-2021-3739

Опубликовано: 06 авг. 2021

Источник: redhat

CVSS3: 6.2

EPSS Низкий

Описание

A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability.

Отчет

There is no shipped kernel version seen affected by this problem. These files are not built in our source code.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise Linux 9	kernel	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-476

https://bugzilla.redhat.com/show_bug.cgi?id=1997958kernel: null-ptr-dereference bug in btrfs_rm_device in fs/btrfs/volumes.c

EPSS

Процентиль: 4%

0.0002

Низкий

6.2 Medium

CVSS3

Связанные уязвимости

CVE-2021-3739

CVSS3: 7.1

ubuntu

больше 3 лет назад

CVE-2021-3739

CVSS3: 7.1

nvd

больше 3 лет назад

CVE-2021-3739

CVSS3: 7.1

msrc

больше 3 лет назад

Описание отсутствует

CVE-2021-3739

CVSS3: 7.1

debian

больше 3 лет назад

A NULL pointer dereference flaw was found in the btrfs_rm_device funct ...

ELSA-2021-9461

oracle-oval

больше 3 лет назад

ELSA-2021-9461: Unbreakable Enterprise kernel-container security update (IMPORTANT)

EPSS

Процентиль: 4%

0.0002

Низкий

6.2 Medium

CVSS3