CVE-2021-38202

HIGH

Linux Kernel < 5.13.4 - Denial of Service via NFS Trace Event Framework

Title source: llm
STIX 2.1

Description

fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd.

References (4)

Core 4

Scores

CVSS v3 7.5
EPSS 0.0319
EPSS Percentile 86.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-125
Status published
Products (5)
linux/linux_kernel < 5.13.4
netapp/element_software
netapp/hci_bootstrap_os
netapp/hci_management_node
netapp/solidfire
Published Aug 08, 2021
Tracked Since Feb 18, 2026