A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
07 Nov 2023, 03:32
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
30 Jun 2022, 18:59
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20210430-0003/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:h:netapp:fas_500f:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:aff_a250:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:aff_a250_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:fas_500f_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* |
|
First Time |
Netapp aff A250 Firmware
Netapp cloud Backup Netapp fas 500f Firmware Debian Netapp fas 500f Netapp Debian debian Linux Netapp aff A250 Netapp solidfire Baseboard Management Controller Firmware |
23 Jun 2021, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Apr 2021, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Mar 2021, 18:55
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTRNPQTZ4GVS46SZ4OBXY5YDOGVPSTGQ/ - Mailing List, Third Party Advisory |
29 Mar 2021, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 Mar 2021, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
26 Mar 2021, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Mar 2021, 20:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References |
|
|
CWE | CWE-362 | |
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dbcc7d57bffc0c8cac9dac11bec548597d59a6a5 - Mailing List, Vendor Advisory | |
References |
|
|
References |
|
|
References |
|
|
References |
|
|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 1.9
v3 : 4.7 |
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
|
References |
|
22 Mar 2021, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-03-22 09:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-28964
Mitre link : CVE-2021-28964
CVE.ORG link : CVE-2021-28964
JSON object : View
Products Affected
netapp
- aff_a250
- cloud_backup
- fas_500f_firmware
- fas_500f
- solidfire_baseboard_management_controller_firmware
- aff_a250_firmware
debian
- debian_linux
linux
- linux_kernel
fedoraproject
- fedora
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')