cnvd - cnvd-2021-13229

cnvd-2021-13229

Vulnerability from cnvd

Title: Linux kernel io_grab_files()拒绝服务漏洞

Description:

Linux Kernel是一套开源的操作系统。

Linux kernel io_grab_files()存在安全漏洞，本地攻击者可利用该漏洞提交特殊的请求，可使系统崩溃。

Severity: 中

Patch Name: Linux kernel io_grab_files()拒绝服务漏洞的补丁

Patch Description:

Linux Kernel是一套开源的操作系统。

Linux kernel io_grab_files()存在安全漏洞，本地攻击者可利用该漏洞提交特殊的请求，可使系统崩溃。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://access.redhat.com/security/cve/cve-2021-20226

Reference: https://nvd.nist.gov/vuln/detail/CVE-2021-20226

Impacted products

Name
Linux Linux kernel

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-20226",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-20226"
    }
  },
  "description": "Linux Kernel\u662f\u4e00\u5957\u5f00\u6e90\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\n\nLinux kernel io_grab_files()\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u53ef\u4f7f\u7cfb\u7edf\u5d29\u6e83\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://access.redhat.com/security/cve/cve-2021-20226",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-13229",
  "openTime": "2021-02-27",
  "patchDescription": "Linux Kernel\u662f\u4e00\u5957\u5f00\u6e90\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nLinux kernel io_grab_files()\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u53ef\u4f7f\u7cfb\u7edf\u5d29\u6e83\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Linux kernel io_grab_files()\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Linux Linux kernel"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-20226",
  "serverity": "\u4e2d",
  "submitTime": "2021-02-21",
  "title": "Linux kernel io_grab_files()\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2021-20226 (GCVE-0-2021-20226)

Vulnerability from cvelistv5

Published

2021-02-23 16:36

Modified

2024-08-03 17:30

Severity ?

CWE

CWE-416

Summary

A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations on the object by not incrementing the file reference counter while in use. The highest threat from this vulnerability is to data integrity, confidentiality and system availability.

References

▼	URL	Tags
	https://bugzilla.redhat.com/show_bug.cgi?id=1873476	x_refsource_MISC
	https://security.netapp.com/advisory/ntap-20210401-0001/	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	kernel	Version: kernel 5.10

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:30:07.498Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873476"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20210401-0001/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "kernel",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "kernel 5.10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations on the object by not incrementing the file reference counter while in use. The highest threat from this vulnerability is to data integrity, confidentiality and system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-01T07:06:21",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873476"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20210401-0001/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2021-20226",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "kernel",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "kernel 5.10"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations on the object by not incrementing the file reference counter while in use. The highest threat from this vulnerability is to data integrity, confidentiality and system availability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-416"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1873476",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873476"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20210401-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20210401-0001/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-20226",
    "datePublished": "2021-02-23T16:36:29",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:30:07.498Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted