Vulnerability Name:

CVE-2021-4157 (CCN-222607)

Assigned:2021-05-17
Published:2021-05-17
Updated:2023-01-17
Summary:An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system.
CVSS v3 Severity:8.0 High (CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
7.0 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Adjacent
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
7.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
5.9 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H)
5.2 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Adjacent
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): High
CVSS v2 Severity:7.4 High (CVSS v2 Vector: AV:A/AC:M/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2021-4157

Source: CCN
Type: Red Hat Bugzilla - Bug 2034342
(CVE-2021-4157) - CVE-2021-4157 kernel: Buffer overwrite in decode_nfs_fh function

Source: secalert@redhat.com
Type: Issue Tracking, Third Party Advisory
secalert@redhat.com

Source: XF
Type: UNKNOWN
linux-kernel-cve20214157-priv-esc(222607)

Source: CCN
Type: Linux Kernel Web site
[PATCH 5.4 061/141] pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()

Source: secalert@redhat.com
Type: Exploit, Mailing List, Patch, Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: CCN
Type: IBM Security Bulletin 6596971 (Spectrum Protect Plus)
Multiple vulnerabilities in Linux Kernel affect IBM Spectrum Protect Plus

Source: CCN
Type: Mend Vulnerability Database
CVE-2021-4157

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*
    • Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:8::nfv:*:*:*:*:*
    • Configuration RedHat 3:
  • cpe:/a:redhat:enterprise_linux:8::realtime:*:*:*:*:*
    • Configuration RedHat 4:
  • cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*
    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*
    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:linux:linux_kernel:5.12:-:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:spectrum_protect_plus:10.1.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:119653
    P
    		Security update for the Linux Kernel (Important)
    2022-08-15
    oval:org.opensuse.security:def:118982
    P
    		Security update for the Linux Kernel (Important)
    2022-08-15
    oval:org.opensuse.security:def:118235
    P
    		Security update for the Linux Kernel (Important)
    2022-08-15
    oval:org.opensuse.security:def:119287
    P
    		Security update for the Linux Kernel (Important)
    2022-08-15
    oval:org.opensuse.security:def:118655
    P
    		Security update for the Linux Kernel (Important)
    2022-08-15
    oval:org.opensuse.security:def:119468
    P
    		Security update for the Linux Kernel (Important)
    2022-08-15
    oval:org.opensuse.security:def:118792
    P
    		Security update for the Linux Kernel (Important)
    2022-08-15
    oval:org.opensuse.security:def:4737
    P
    		Security update for the Linux Kernel (Important)
    2022-08-02
    oval:org.opensuse.security:def:42421
    P
    		Security update for the Linux Kernel (Important)
    2022-07-26
    oval:org.opensuse.security:def:42325
    P
    		Security update for the Linux Kernel (Important)
    2022-07-26
    oval:org.opensuse.security:def:43652
    P
    		Security update for the Linux Kernel (Important)
    2022-07-26
    oval:org.opensuse.security:def:598
    P
    		Security update for the Linux Kernel (Important)
    2022-07-26
    oval:org.opensuse.security:def:42317
    P
    		Security update for the Linux Kernel (Important)
    2022-07-18
    oval:org.opensuse.security:def:43645
    P
    		Security update for the Linux Kernel (Important)
    2022-07-18
    oval:org.opensuse.security:def:42412
    P
    		Security update for the Linux Kernel (Important)
    2022-07-18
    oval:org.opensuse.security:def:582
    P
    		Security update for the Linux Kernel (Important)
    2022-07-15
    oval:org.opensuse.security:def:126919
    P
    		Security update for the Linux Kernel (Important)
    2022-07-14
    oval:org.opensuse.security:def:125116
    P
    		Security update for the Linux Kernel (Important)
    2022-07-14
    oval:org.opensuse.security:def:127316
    P
    		Security update for the Linux Kernel (Important)
    2022-07-14
    oval:org.opensuse.security:def:125375
    P
    		Security update for the Linux Kernel (Important)
    2022-07-14
    oval:org.opensuse.security:def:125755
    P
    		Security update for the Linux Kernel (Important)
    2022-07-14
    oval:org.opensuse.security:def:6344
    P
    		Security update for the Linux Kernel (Important)
    2022-07-13
    oval:org.opensuse.security:def:5294
    P
    		Security update for the Linux Kernel (Important)
    2022-07-13
    oval:org.opensuse.security:def:4300
    P
    		Security update for the Linux Kernel (Important)
    2022-07-13
    oval:org.opensuse.security:def:4642
    P
    		Security update for the Linux Kernel (Important)
    2022-07-13
    oval:org.opensuse.security:def:6097
    P
    		Security update for the Linux Kernel (Important)
    2022-07-13
    oval:org.opensuse.security:def:6096
    P
    		Security update for the Linux Kernel (Important)
    2022-07-12
    oval:com.redhat.rhsa:def:20221975
    P
    		RHSA-2022:1975: kernel-rt security and bug fix update (Important)
    2022-05-10
    oval:com.redhat.rhsa:def:20221988
    P
    		RHSA-2022:1988: kernel security, bug fix, and enhancement update (Important)
    2022-05-10
    BACK
    linux linux kernel 5.12 -
    ibm spectrum protect plus 10.1.0