CVE-2021-4157

An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system.

Published: Mar 25, 2022
Updated: Nov 8, 2023
CVE: CVE-2021-4157
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8
AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.4
AV:A/AC:M/Au:S/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	4.0	4.4.269
linux / linux_kernel	4.5	4.9.269
linux / linux_kernel	4.10	4.14.233
linux / linux_kernel	4.15	4.19.191
linux / linux_kernel	4.20	5.4.120
linux / linux_kernel	5.5	5.10.38
linux / linux_kernel	5.11	5.11.22
linux / linux_kernel	5.12	5.12.5
fedoraproject / fedora	35	35.x
oracle / communications_cloud_native_core_binding_support_function	22.1.3	22.1.3.x
oracle / communications_cloud_native_core_binding_support_function	22.1.1	22.1.1.x
oracle / communications_cloud_native_core_binding_support_function	22.2.0	22.2.0.x

Vulnerability Database

289,599

CVE-2021-4157