Vulnerability Details : CVE-2021-4090
An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system integrity and confidentiality threat.
Vulnerability category: Memory Corruption
Products affected by CVE-2021-4090
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.16:-:*:*:*:*:*:*
- cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-4090
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-4090
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.6
|
MEDIUM | AV:L/AC:L/Au:N/C:C/I:C/A:N |
3.9
|
9.2
|
NIST | |
7.1
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
1.8
|
5.2
|
NIST |
CWE ids for CVE-2021-4090
-
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by:
- nvd@nist.gov (Primary)
- secalert@redhat.com (Secondary)
References for CVE-2021-4090
-
https://bugzilla.redhat.com/show_bug.cgi?id=2025101
2025101 – (CVE-2021-4090) CVE-2021-4090 kernel: Overflow of bmval[bmlen-1] in nfsd4_decode_bitmap functionIssue Tracking;Patch;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20220318-0010/
CVE-2021-4090 Linux Kernel Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://lore.kernel.org/linux-nfs/163692036074.16710.5678362976688977923.stgit@klimt.1015granger.net/
[PATCH v1] NFSD: Fix exposure in nfsd4_decode_bitmap() - Chuck LeverPatch;Vendor Advisory
Jump to