CVE-2021-4157
HIGHLinux Kernel 4.0-4.4.268 - Memory Corruption in NFS Mirroring
Title source: llmDescription
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system.
References (4)
Core 4
Core References
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=2034342
Mailing List x_refsource_misc
https://lore.kernel.org/lkml/20210517140244.822185482%40linuxfoundation.org/
Third Party Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpujul2022.html
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20220602-0007/
Scores
CVSS v3
8.0
EPSS
0.0006
EPSS Percentile
17.1%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (12)
fedoraproject/fedora
35
linux/linux_kernel
4.0 - 4.4.269
netapp/h300e_firmware
netapp/h300s_firmware
netapp/h410s_firmware
netapp/h500e_firmware
netapp/h500s_firmware
netapp/h700e_firmware
netapp/h700s_firmware
oracle/communications_cloud_native_core_binding_support_function
22.1.1
... and 2 more
Published
Mar 25, 2022
Tracked Since
Feb 18, 2026