CVE-2021-47126
Vulnerability from cvelistv5
Published
2024-03-15 20:14
Modified
2024-11-06 16:35
Summary
ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions
Impacted products
Vendor Product Version
Linux Linux Version: 5.3
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47126",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T15:01:23.174452Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:35:28.788Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.956Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7ba7fa78a92dc410b6f93ed73075ab669c3a0b59"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/09870235827451409ff546b073d754a19fd17e2e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0a462e25ef0f7ab305081a08d435bbd1f13c0a94"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/821bbf79fe46a8b1d18aa456e8ed0a3c208c3754"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/ipv6/route.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7ba7fa78a92d",
              "status": "affected",
              "version": "f88d8ea67fbd",
              "versionType": "git"
            },
            {
              "lessThan": "098702358274",
              "status": "affected",
              "version": "f88d8ea67fbd",
              "versionType": "git"
            },
            {
              "lessThan": "0a462e25ef0f",
              "status": "affected",
              "version": "f88d8ea67fbd",
              "versionType": "git"
            },
            {
              "lessThan": "821bbf79fe46",
              "status": "affected",
              "version": "f88d8ea67fbd",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/ipv6/route.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.3"
            },
            {
              "lessThan": "5.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions\n\nReported by syzbot:\nHEAD commit:    90c911ad Merge tag \u0027fixes\u0027 of git://git.kernel.org/pub/scm..\ngit tree:       git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master\ndashboard link: https://syzkaller.appspot.com/bug?extid=123aa35098fd3c000eb7\ncompiler:       Debian clang version 11.0.1-2\n\n==================================================================\nBUG: KASAN: slab-out-of-bounds in fib6_nh_get_excptn_bucket net/ipv6/route.c:1604 [inline]\nBUG: KASAN: slab-out-of-bounds in fib6_nh_flush_exceptions+0xbd/0x360 net/ipv6/route.c:1732\nRead of size 8 at addr ffff8880145c78f8 by task syz-executor.4/17760\n\nCPU: 0 PID: 17760 Comm: syz-executor.4 Not tainted 5.12.0-rc8-syzkaller #0\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x202/0x31e lib/dump_stack.c:120\n print_address_description+0x5f/0x3b0 mm/kasan/report.c:232\n __kasan_report mm/kasan/report.c:399 [inline]\n kasan_report+0x15c/0x200 mm/kasan/report.c:416\n fib6_nh_get_excptn_bucket net/ipv6/route.c:1604 [inline]\n fib6_nh_flush_exceptions+0xbd/0x360 net/ipv6/route.c:1732\n fib6_nh_release+0x9a/0x430 net/ipv6/route.c:3536\n fib6_info_destroy_rcu+0xcb/0x1c0 net/ipv6/ip6_fib.c:174\n rcu_do_batch kernel/rcu/tree.c:2559 [inline]\n rcu_core+0x8f6/0x1450 kernel/rcu/tree.c:2794\n __do_softirq+0x372/0x7a6 kernel/softirq.c:345\n invoke_softirq kernel/softirq.c:221 [inline]\n __irq_exit_rcu+0x22c/0x260 kernel/softirq.c:422\n irq_exit_rcu+0x5/0x20 kernel/softirq.c:434\n sysvec_apic_timer_interrupt+0x91/0xb0 arch/x86/kernel/apic/apic.c:1100\n \u003c/IRQ\u003e\n asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:632\nRIP: 0010:lock_acquire+0x1f6/0x720 kernel/locking/lockdep.c:5515\nCode: f6 84 24 a1 00 00 00 02 0f 85 8d 02 00 00 f7 c3 00 02 00 00 49 bd 00 00 00 00 00 fc ff df 74 01 fb 48 c7 44 24 40 0e 36 e0 45 \u003c4b\u003e c7 44 3d 00 00 00 00 00 4b c7 44 3d 09 00 00 00 00 43 c7 44 3d\nRSP: 0018:ffffc90009e06560 EFLAGS: 00000206\nRAX: 1ffff920013c0cc0 RBX: 0000000000000246 RCX: dffffc0000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffc90009e066e0 R08: dffffc0000000000 R09: fffffbfff1f992b1\nR10: fffffbfff1f992b1 R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920013c0cb4\n rcu_lock_acquire+0x2a/0x30 include/linux/rcupdate.h:267\n rcu_read_lock include/linux/rcupdate.h:656 [inline]\n ext4_get_group_info+0xea/0x340 fs/ext4/ext4.h:3231\n ext4_mb_prefetch+0x123/0x5d0 fs/ext4/mballoc.c:2212\n ext4_mb_regular_allocator+0x8a5/0x28f0 fs/ext4/mballoc.c:2379\n ext4_mb_new_blocks+0xc6e/0x24f0 fs/ext4/mballoc.c:4982\n ext4_ext_map_blocks+0x2be3/0x7210 fs/ext4/extents.c:4238\n ext4_map_blocks+0xab3/0x1cb0 fs/ext4/inode.c:638\n ext4_getblk+0x187/0x6c0 fs/ext4/inode.c:848\n ext4_bread+0x2a/0x1c0 fs/ext4/inode.c:900\n ext4_append+0x1a4/0x360 fs/ext4/namei.c:67\n ext4_init_new_dir+0x337/0xa10 fs/ext4/namei.c:2768\n ext4_mkdir+0x4b8/0xc00 fs/ext4/namei.c:2814\n vfs_mkdir+0x45b/0x640 fs/namei.c:3819\n ovl_do_mkdir fs/overlayfs/overlayfs.h:161 [inline]\n ovl_mkdir_real+0x53/0x1a0 fs/overlayfs/dir.c:146\n ovl_create_real+0x280/0x490 fs/overlayfs/dir.c:193\n ovl_workdir_create+0x425/0x600 fs/overlayfs/super.c:788\n ovl_make_workdir+0xed/0x1140 fs/overlayfs/super.c:1355\n ovl_get_workdir fs/overlayfs/super.c:1492 [inline]\n ovl_fill_super+0x39ee/0x5370 fs/overlayfs/super.c:2035\n mount_nodev+0x52/0xe0 fs/super.c:1413\n legacy_get_tree+0xea/0x180 fs/fs_context.c:592\n vfs_get_tree+0x86/0x270 fs/super.c:1497\n do_new_mount fs/namespace.c:2903 [inline]\n path_mount+0x196f/0x2be0 fs/namespace.c:3233\n do_mount fs/namespace.c:3246 [inline]\n __do_sys_mount fs/namespace.c:3454 [inline]\n __se_sys_mount+0x2f9/0x3b0 fs/namespace.c:3431\n do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x4665f9\nCode: ff ff c3 66 2e 0f 1f 84 \n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:55.478Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7ba7fa78a92dc410b6f93ed73075ab669c3a0b59"
        },
        {
          "url": "https://git.kernel.org/stable/c/09870235827451409ff546b073d754a19fd17e2e"
        },
        {
          "url": "https://git.kernel.org/stable/c/0a462e25ef0f7ab305081a08d435bbd1f13c0a94"
        },
        {
          "url": "https://git.kernel.org/stable/c/821bbf79fe46a8b1d18aa456e8ed0a3c208c3754"
        }
      ],
      "title": "ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47126",
    "datePublished": "2024-03-15T20:14:30.948Z",
    "dateReserved": "2024-03-04T18:12:48.839Z",
    "dateUpdated": "2024-11-06T16:35:28.788Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-47126\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-03-15T21:15:07.357\",\"lastModified\":\"2024-11-21T06:35:26.907\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions\\n\\nReported by syzbot:\\nHEAD commit:    90c911ad Merge tag \u0027fixes\u0027 of git://git.kernel.org/pub/scm..\\ngit tree:       git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master\\ndashboard link: https://syzkaller.appspot.com/bug?extid=123aa35098fd3c000eb7\\ncompiler:       Debian clang version 11.0.1-2\\n\\n==================================================================\\nBUG: KASAN: slab-out-of-bounds in fib6_nh_get_excptn_bucket net/ipv6/route.c:1604 [inline]\\nBUG: KASAN: slab-out-of-bounds in fib6_nh_flush_exceptions+0xbd/0x360 net/ipv6/route.c:1732\\nRead of size 8 at addr ffff8880145c78f8 by task syz-executor.4/17760\\n\\nCPU: 0 PID: 17760 Comm: syz-executor.4 Not tainted 5.12.0-rc8-syzkaller #0\\nCall Trace:\\n \u003cIRQ\u003e\\n __dump_stack lib/dump_stack.c:79 [inline]\\n dump_stack+0x202/0x31e lib/dump_stack.c:120\\n print_address_description+0x5f/0x3b0 mm/kasan/report.c:232\\n __kasan_report mm/kasan/report.c:399 [inline]\\n kasan_report+0x15c/0x200 mm/kasan/report.c:416\\n fib6_nh_get_excptn_bucket net/ipv6/route.c:1604 [inline]\\n fib6_nh_flush_exceptions+0xbd/0x360 net/ipv6/route.c:1732\\n fib6_nh_release+0x9a/0x430 net/ipv6/route.c:3536\\n fib6_info_destroy_rcu+0xcb/0x1c0 net/ipv6/ip6_fib.c:174\\n rcu_do_batch kernel/rcu/tree.c:2559 [inline]\\n rcu_core+0x8f6/0x1450 kernel/rcu/tree.c:2794\\n __do_softirq+0x372/0x7a6 kernel/softirq.c:345\\n invoke_softirq kernel/softirq.c:221 [inline]\\n __irq_exit_rcu+0x22c/0x260 kernel/softirq.c:422\\n irq_exit_rcu+0x5/0x20 kernel/softirq.c:434\\n sysvec_apic_timer_interrupt+0x91/0xb0 arch/x86/kernel/apic/apic.c:1100\\n \u003c/IRQ\u003e\\n asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:632\\nRIP: 0010:lock_acquire+0x1f6/0x720 kernel/locking/lockdep.c:5515\\nCode: f6 84 24 a1 00 00 00 02 0f 85 8d 02 00 00 f7 c3 00 02 00 00 49 bd 00 00 00 00 00 fc ff df 74 01 fb 48 c7 44 24 40 0e 36 e0 45 \u003c4b\u003e c7 44 3d 00 00 00 00 00 4b c7 44 3d 09 00 00 00 00 43 c7 44 3d\\nRSP: 0018:ffffc90009e06560 EFLAGS: 00000206\\nRAX: 1ffff920013c0cc0 RBX: 0000000000000246 RCX: dffffc0000000000\\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\\nRBP: ffffc90009e066e0 R08: dffffc0000000000 R09: fffffbfff1f992b1\\nR10: fffffbfff1f992b1 R11: 0000000000000000 R12: 0000000000000000\\nR13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920013c0cb4\\n rcu_lock_acquire+0x2a/0x30 include/linux/rcupdate.h:267\\n rcu_read_lock include/linux/rcupdate.h:656 [inline]\\n ext4_get_group_info+0xea/0x340 fs/ext4/ext4.h:3231\\n ext4_mb_prefetch+0x123/0x5d0 fs/ext4/mballoc.c:2212\\n ext4_mb_regular_allocator+0x8a5/0x28f0 fs/ext4/mballoc.c:2379\\n ext4_mb_new_blocks+0xc6e/0x24f0 fs/ext4/mballoc.c:4982\\n ext4_ext_map_blocks+0x2be3/0x7210 fs/ext4/extents.c:4238\\n ext4_map_blocks+0xab3/0x1cb0 fs/ext4/inode.c:638\\n ext4_getblk+0x187/0x6c0 fs/ext4/inode.c:848\\n ext4_bread+0x2a/0x1c0 fs/ext4/inode.c:900\\n ext4_append+0x1a4/0x360 fs/ext4/namei.c:67\\n ext4_init_new_dir+0x337/0xa10 fs/ext4/namei.c:2768\\n ext4_mkdir+0x4b8/0xc00 fs/ext4/namei.c:2814\\n vfs_mkdir+0x45b/0x640 fs/namei.c:3819\\n ovl_do_mkdir fs/overlayfs/overlayfs.h:161 [inline]\\n ovl_mkdir_real+0x53/0x1a0 fs/overlayfs/dir.c:146\\n ovl_create_real+0x280/0x490 fs/overlayfs/dir.c:193\\n ovl_workdir_create+0x425/0x600 fs/overlayfs/super.c:788\\n ovl_make_workdir+0xed/0x1140 fs/overlayfs/super.c:1355\\n ovl_get_workdir fs/overlayfs/super.c:1492 [inline]\\n ovl_fill_super+0x39ee/0x5370 fs/overlayfs/super.c:2035\\n mount_nodev+0x52/0xe0 fs/super.c:1413\\n legacy_get_tree+0xea/0x180 fs/fs_context.c:592\\n vfs_get_tree+0x86/0x270 fs/super.c:1497\\n do_new_mount fs/namespace.c:2903 [inline]\\n path_mount+0x196f/0x2be0 fs/namespace.c:3233\\n do_mount fs/namespace.c:3246 [inline]\\n __do_sys_mount fs/namespace.c:3454 [inline]\\n __se_sys_mount+0x2f9/0x3b0 fs/namespace.c:3431\\n do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46\\n entry_SYSCALL_64_after_hwframe+0x44/0xae\\nRIP: 0033:0x4665f9\\nCode: ff ff c3 66 2e 0f 1f 84 \\n---truncated---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ipv6: Correcci\u00f3n KASAN: slab-out-of-bounds Leer en fib6_nh_flush_exceptions Reportado por syzbot: HEAD commit: 90c911ad Merge tag \u0027fixes\u0027 de git://git.kernel.org /pub/scm.. \u00e1rbol git: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git enlace del panel maestro: https://syzkaller.appspot.com/bug? extid=123aa35098fd3c000eb7 compilador: Debian clang versi\u00f3n 11.0.1-2 ===================================== ============================= ERROR: KASAN: losa fuera de los l\u00edmites en fib6_nh_get_excptn_bucket net/ipv6/route.c: 1604 [en l\u00ednea] ERROR: KASAN: losa fuera de los l\u00edmites en fib6_nh_flush_exceptions+0xbd/0x360 net/ipv6/route.c:1732 Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff8880145c78f8 por la tarea syz-executor.4/17760 CPU: 0 PID : 17760 Comm: syz-executor.4 No contaminado 5.12.0-rc8-syzkaller #0 Seguimiento de llamadas:  __dump_stack lib/dump_stack.c:79 [en l\u00ednea] dump_stack+0x202/0x31e lib/dump_stack.c:120 print_address_description +0x5f/0x3b0 mm/kasan/report.c:232 __kasan_report mm/kasan/report.c:399 [en l\u00ednea] kasan_report+0x15c/0x200 mm/kasan/report.c:416 fib6_nh_get_excptn_bucket net/ipv6/route.c:1604 [en l\u00ednea] fib6_nh_flush_exceptions+0xbd/0x360 net/ipv6/route.c:1732 fib6_nh_release+0x9a/0x430 net/ipv6/route.c:3536 fib6_info_destroy_rcu+0xcb/0x1c0 net/ipv6/ip6_fib.c:174 rcu_do_batch kernel /rcu/ tree.c:2559 [en l\u00ednea] rcu_core+0x8f6/0x1450 kernel/rcu/tree.c:2794 __do_softirq+0x372/0x7a6 kernel/softirq.c:345 invoke_softirq kernel/softirq.c:221 [en l\u00ednea] __irq_exit_rcu+0x22c/0x260 kernel/softirq.c:422 irq_exit_rcu+0x5/0x20 kernel/softirq.c:434 sysvec_apic_timer_interrupt+0x91/0xb0 arch/x86/kernel/apic/apic.c:1100  asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/ include/asm/idtentry.h:632 RIP: 0010:lock_acquire+0x1f6/0x720 kernel/locking/lockdep.c:5515 C\u00f3digo: f6 84 24 a1 00 00 00 02 0f 85 8d 02 00 00 f7 c3 00 02 00 00 49 bd 00 00 00 00 00 fc ff df 74 01 fb 48 c7 44 24 40 0e 36 e0 45 \u0026lt;4b\u0026gt; c7 44 3d 00 00 00 00 00 4b c7 44 3d 09 00 00 00 00 43 c7 44 3d RSP: 0018:ffffc90009e06560 EFLAGS: 00000206 RAX: 1ffff920013c0cc0 RBX: 0000000000000246 RCX: dffffc0000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000 000000 RBP: ffffc90009e066e0 R08: dffffc0000000000 R09: ffffbfff1f992b1 R10: ffffbfff1f992b1 R11: 00000000000000000 R12: 0000000000000000 R13: dffff c0000000000 R14: 0000000000000000 R15: 1ffff920013c0cb4 rcu_lock_acquire+ 0x2a/0x30 include/linux/rcupdate.h:267 rcu_read_lock include/linux/rcupdate.h:656 [en l\u00ednea] ext4_get_group_info+0xea/0x340 fs/ext4/ext4.h:3231 text4_mb_prefetch+0x123/0x5d0 fs/ext4/mballoc. c:2212 ext4_mb_regular_allocator+0x8a5/0x28f0 fs/ext4/mballoc.c:2379 ext4_mb_new_blocks+0xc6e/0x24f0 fs/ext4/mballoc.c:4982 ext4_ext_map_blocks+0x2be3/0x7210 fs/ext4/extents.c :4238 text4_map_blocks+0xab3/0x1cb0 fs/ext4/inode.c:638 text4_getblk+0x187/0x6c0 fs/ext4/inode.c:848 text4_bread+0x2a/0x1c0 fs/ext4/inode.c:900 text4_append+0x1a4/0x360 fs/ext4/namei.c: 67 ext4_init_new_dir+0x337/0xa10 fs/ext4/namei.c:2768 ext4_mkdir+0x4b8/0xc00 fs/ext4/namei.c:2814 vfs_mkdir+0x45b/0x640 fs/namei.c:3819 ovl_do_mkdir fs/overlayfs/over layfs.h: 161 [en l\u00ednea] ovl_mkdir_real+0x53/0x1a0 fs/overlayfs/dir.c:146 ovl_create_real+0x280/0x490 fs/overlayfs/dir.c:193 ovl_workdir_create+0x425/0x600 fs/overlayfs/super.c:788 ovl_make_workdir+0 fijo/ 0x1140 fs/overlayfs/super.c:1355 ovl_get_workdir fs/overlayfs/super.c:1492 [en l\u00ednea] ovl_fill_super+0x39ee/0x5370 fs/overlayfs/super.c:2035 mount_nodev+0x52/0xe0 fs/super.c:1413 Legacy_get_tree +0xea/0x180 fs/fs_context.c:592 vfs_get_tree+0x86/0x270 fs/super.c:1497 do_new_mount fs/namespace.c:2903 [en l\u00ednea] path_mount+0x196f/0x2be0 fs/namespace.c:3233 do_mount fs/namespace .c:3246 [en l\u00ednea]---truncado---\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/09870235827451409ff546b073d754a19fd17e2e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/0a462e25ef0f7ab305081a08d435bbd1f13c0a94\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7ba7fa78a92dc410b6f93ed73075ab669c3a0b59\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/821bbf79fe46a8b1d18aa456e8ed0a3c208c3754\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/09870235827451409ff546b073d754a19fd17e2e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/0a462e25ef0f7ab305081a08d435bbd1f13c0a94\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/7ba7fa78a92dc410b6f93ed73075ab669c3a0b59\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/821bbf79fe46a8b1d18aa456e8ed0a3c208c3754\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.