{"id": "CVE-2021-4157", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "
[email protected]", "cvssData": {"version": "2.0", "baseScore": 7.4, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 4.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "
[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.0, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.1}]}, "published": "2022-03-25T19:15:09.703", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034342", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://lore.kernel.org/lkml/20210517140244.822185482%40linuxfoundation.org/", "source": "
[email protected]"}, {"url": "https://security.netapp.com/advisory/ntap-20220602-0007/", "tags": ["Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "tags": ["Third Party Advisory"], "source": "
[email protected]"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034342", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lore.kernel.org/lkml/20210517140244.822185482%40linuxfoundation.org/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.netapp.com/advisory/ntap-20220602-0007/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "
[email protected]", "description": [{"lang": "en", "value": "CWE-119"}]}, {"type": "Primary", "source": "
[email protected]", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo de escritura fuera de los l\u00edmites de la memoria (1 o 2 bytes de memoria) en el subsistema NFS del kernel de Linux en la forma en que los usuarios usan el mirroring (replicaci\u00f3n de archivos con NFS). Un usuario, que tenga acceso al montaje NFS, podr\u00eda potencialmente usar este fallo para bloquear el sistema o escalar privilegios en el sistema"}], "lastModified": "2024-11-21T06:37:01.807", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F696C839-D545-4E11-8908-FA86DC440462", "versionEndExcluding": "4.4.269", "versionStartIncluding": "4.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E86BB03-C8D1-4E43-ADC4-64C340941D4B", "versionEndExcluding": "4.9.269", "versionStartIncluding": "4.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4836AF17-022D-49D0-9A8A-AF66FE8DCEB8", "versionEndExcluding": "4.14.233", "versionStartIncluding": "4.10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B6E6817-19A8-4C0A-8807-71DA48CF9191", "versionEndExcluding": "4.19.191", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BDC71CF-4451-4D53-93E9-61DE7C4E25B0", "versionEndExcluding": "5.4.120", "versionStartIncluding": "4.20"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BB4E5E8-4AAD-475A-A1B9-F287254C7D72", "versionEndExcluding": "5.10.38", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83B53E9A-F426-4C03-9A5F-A931FF79827E", "versionEndExcluding": "5.11.22", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0274929A-B36C-4F4C-AB22-30A0DD6B995B", "versionEndExcluding": "5.12.5", "versionStartIncluding": "5.12"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6543E60C-2FCB-4317-8066-E7256630DF69"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEA64107-8025-4DC7-8222-F898ADEC6864"}], "operator": "OR"}]}], "sourceIdentifier": "
[email protected]"}
