CVE-2021-3428

{"id": "CVE-2021-3428", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2022-03-04T18:15:08.130", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1972621", "tags": ["Issue Tracking", "Permissions Required", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://ubuntu.com/security/CVE-2021-3428", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.openwall.com/lists/oss-security/2021/03/17/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1972621", "tags": ["Issue Tracking", "Permissions Required", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://ubuntu.com/security/CVE-2021-3428", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.openwall.com/lists/oss-security/2021/03/17/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-190"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree is corrupted in a crafted ext4 filesystem in fs/ext4/extents.c in ext4_es_cache_extent. Fabricating an integer overflow, A local attacker with a special user privilege may cause a system crash problem which can lead to an availability threat."}, {"lang": "es", "value": "Se ha encontrado un fallo en el kernel de Linux. Es identificado un problema de denegaci\u00f3n de servicio si es corrompido un \u00e1rbol de extensiones en un sistema de archivos ext4 dise\u00f1ado en el archivo fs/ext4/extents.c en la funci\u00f3n ext4_es_cache_extent. Fabricando un desbordamiento de enteros, un atacante local con un privilegio de usuario especial puede causar un problema de bloqueo del sistema que puede conllevar a una amenaza de disponibilidad"}], "lastModified": "2024-11-21T06:21:29.090", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9CA5EDA-9CA4-49FA-AF86-7B150825868E", "versionEndExcluding": "5.9.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}